9c42daa4f9e0c2ee343ebd66d4da358550b24cd20c5a109b91435629c6c8220f | Triage

Sharing

General

Target

15298ad72ec13e21644f346bd57190bb
Size

372KB
Sample

231230-lzzf9afea5
MD5

15298ad72ec13e21644f346bd57190bb
SHA1

6e9bcf44706e82600fa83a6a46a6e3ddcd2cc829
SHA256

9c42daa4f9e0c2ee343ebd66d4da358550b24cd20c5a109b91435629c6c8220f
SHA512

ace830296185f167d86c03bbe5ccc6282203c5d663bec718c945e66c6c8ab9a7cfb84a2bb2a6886a09c82bd690e8acc6784d5404b29e6c95d92198671b2a86ab
SSDEEP

6144:0yqZCmXiqyq6c13L5vPre4r/LyNzEfKzW/MsdI5kxyedJAsObqrGlb/FYYKIfS0c:0yqC/qJ3d7JXQkyWEsdI50pdJAoivfS5

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  15298ad72ec13e21644f346bd57190bb
- Size
  
  372KB
- MD5
  
  15298ad72ec13e21644f346bd57190bb
- SHA1
  
  6e9bcf44706e82600fa83a6a46a6e3ddcd2cc829
- SHA256
  
  9c42daa4f9e0c2ee343ebd66d4da358550b24cd20c5a109b91435629c6c8220f
- SHA512
  
  ace830296185f167d86c03bbe5ccc6282203c5d663bec718c945e66c6c8ab9a7cfb84a2bb2a6886a09c82bd690e8acc6784d5404b29e6c95d92198671b2a86ab
- SSDEEP
  
  6144:0yqZCmXiqyq6c13L5vPre4r/LyNzEfKzW/MsdI5kxyedJAsObqrGlb/FYYKIfS0c:0yqC/qJ3d7JXQkyWEsdI50pdJAoivfS5
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2