ee350f0dc09c7f71e59a928e485caef023cc04e84f98fda7a83fbc33482dfca0 | Triage

Sharing

General

Target

7434859c3d599b1e6d66e23223ceb842
Size

364KB
Sample

240125-kbss5abhf2
MD5

7434859c3d599b1e6d66e23223ceb842
SHA1

e305d918c1d44cba163fe11bbe3ee9d7b94cfb5c
SHA256

ee350f0dc09c7f71e59a928e485caef023cc04e84f98fda7a83fbc33482dfca0
SHA512

2ddef289f84a03172df1940d1503334a9846168b1bea78ddc251212f228fafecad2347c7791145cc6072f86a5205abf67f65e2ea1354a8766bba8e79b0aad71c
SSDEEP

6144:U5u9zt0vzIvxHxQ9JaXAU79jun7jdlF5EA/WfLSzusLMYA97cJdISmnR2eCsbP7R:U5yt0cxH+GXBsnp5EYWzEuWMHofaR2eR

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  7434859c3d599b1e6d66e23223ceb842
- Size
  
  364KB
- MD5
  
  7434859c3d599b1e6d66e23223ceb842
- SHA1
  
  e305d918c1d44cba163fe11bbe3ee9d7b94cfb5c
- SHA256
  
  ee350f0dc09c7f71e59a928e485caef023cc04e84f98fda7a83fbc33482dfca0
- SHA512
  
  2ddef289f84a03172df1940d1503334a9846168b1bea78ddc251212f228fafecad2347c7791145cc6072f86a5205abf67f65e2ea1354a8766bba8e79b0aad71c
- SSDEEP
  
  6144:U5u9zt0vzIvxHxQ9JaXAU79jun7jdlF5EA/WfLSzusLMYA97cJdISmnR2eCsbP7R:U5yt0cxH+GXBsnp5EYWzEuWMHofaR2eR
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2