8a4190f5de935f6cb6ab7fa22446409353a4fbfcbc91f339fa6f6bc1af140f2d | Triage

Sharing

General

Target

tmp
Size

793KB
Sample

231229-w8xn5abeem
MD5

8b2e6fda3daf9bfc566311264c727bb5
SHA1

498ab4a779d02cfd8d4a657e00672b0bdd7e9eed
SHA256

8a4190f5de935f6cb6ab7fa22446409353a4fbfcbc91f339fa6f6bc1af140f2d
SHA512

6398c6208e592d5336c849b33423fe2e4ffbda07799d433ce057c21327b44486b9e7be78f55bdfa8254f2410629987e34294ed54438f5f2f8a6261454590c279
SSDEEP

12288:CNsMP4mIXzw8n4Zwr1dXOTV2HbV11OToWnTuToh:C74Jn4ZwCTV270TNTuT4

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  tmp
- Size
  
  793KB
- MD5
  
  8b2e6fda3daf9bfc566311264c727bb5
- SHA1
  
  498ab4a779d02cfd8d4a657e00672b0bdd7e9eed
- SHA256
  
  8a4190f5de935f6cb6ab7fa22446409353a4fbfcbc91f339fa6f6bc1af140f2d
- SHA512
  
  6398c6208e592d5336c849b33423fe2e4ffbda07799d433ce057c21327b44486b9e7be78f55bdfa8254f2410629987e34294ed54438f5f2f8a6261454590c279
- SSDEEP
  
  12288:CNsMP4mIXzw8n4Zwr1dXOTV2HbV11OToWnTuToh:C74Jn4ZwCTV270TNTuT4
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2