e41de7a1056c3c9a28ca6d1b40424e4ca07d51607cb5f86e1c65df09fa47c7f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d90c6e133e8c1c3cf498585e7ec3362
Size

388KB
Sample

240109-g1hgxaaagr
MD5

4d90c6e133e8c1c3cf498585e7ec3362
SHA1

596840f025a80a26d608e0a35582ef4f6f3d5e6b
SHA256

e41de7a1056c3c9a28ca6d1b40424e4ca07d51607cb5f86e1c65df09fa47c7f5
SHA512

04eb302f56fca1c17d002f405322db1a4268bb4d440dc35c17752ba6d04e9cc2974739972860dcfdd3d3dc2ae0330d6ca2f41e8750ffd7e59fca607a2d9b88db
SSDEEP

6144:wq/+ep82m8Anc7amzdxyQEf5d+vheNaENwg6DutB4aeqq/SDrdmmklBnsz+uYA:wz6MAamJxof5EheN9wg6NaeqUS0pmzoA

Score

8^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  4d90c6e133e8c1c3cf498585e7ec3362
- Size
  
  388KB
- MD5
  
  4d90c6e133e8c1c3cf498585e7ec3362
- SHA1
  
  596840f025a80a26d608e0a35582ef4f6f3d5e6b
- SHA256
  
  e41de7a1056c3c9a28ca6d1b40424e4ca07d51607cb5f86e1c65df09fa47c7f5
- SHA512
  
  04eb302f56fca1c17d002f405322db1a4268bb4d440dc35c17752ba6d04e9cc2974739972860dcfdd3d3dc2ae0330d6ca2f41e8750ffd7e59fca607a2d9b88db
- SSDEEP
  
  6144:wq/+ep82m8Anc7amzdxyQEf5d+vheNaENwg6DutB4aeqq/SDrdmmklBnsz+uYA:wz6MAamJxof5EheN9wg6NaeqUS0pmzoA
Score

8^/10

evasion persistence trojan
- Downloads MZ/PE file
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan