1e2dfcb2486ac9b7ae818b819d6ef5fcb97297062783c8f678d2f948e5be8e8a | Triage

Sharing

General

Target

37e4479103d6cc3b2d098d8d5479ceaf.rar
Size

75KB
Sample

240110-xvtkzsehd8
MD5

37e4479103d6cc3b2d098d8d5479ceaf
SHA1

99859a4bb498377b4478fc20289049eb6b2bf8ea
SHA256

1e2dfcb2486ac9b7ae818b819d6ef5fcb97297062783c8f678d2f948e5be8e8a
SHA512

81da4ef31ecbdf831513e49f769a6df5f6a1b5e3a300d4fecd2593cc0b15e3d8285722470250b289e18bf31e0cc4f16fca4c7f0220ae23c3870f2d8b3ca1584b
SSDEEP

1536:G8ag/VTXnlXl/rPthT9/07WMFuRayYWvi5VcjP2fzYCp4j1iU60Oy:LRFX3TPtt9/079uROW8cjufzYCyj1qy

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  smeet_hack.exe
- Size
  
  132KB
- MD5
  
  b9fe8ba9fa03b661875eafadef6deeba
- SHA1
  
  26740c46154ebde429393343b1340718948d5d2a
- SHA256
  
  793de2577ef5401c24923a67bd9dd270fba01a29a57b935793534a7b9b6e753b
- SHA512
  
  42af1306dbfab18a54457a0caff59fff512f3a6be145fd45b92da7199307cb8781f066d7281be43594f2aaf288b8b02ffd6dd5bd0a0ce8f01d5eb46828fbd8ac
- SSDEEP
  
  3072:+k/HpFI90No9z22drwEVIDEtc8aRFxhYi:THpFI9c2dswtcv7b
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Disables RegEdit via registry modification
  evasion
- Disables Task Manager via registry modification
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan