77708139f01b4743b67b477e08cd71477d88fbf7c97f9ef637aebfba9cc70d05 | Triage

Sharing

General

Target

966a691b3369a8b09dfa46eaa0dcfc5f
Size

216KB
Sample

240212-gmf2xsfh76
MD5

966a691b3369a8b09dfa46eaa0dcfc5f
SHA1

49a05cf0a646ae3b831466e2c239a0fdf5bb2e47
SHA256

77708139f01b4743b67b477e08cd71477d88fbf7c97f9ef637aebfba9cc70d05
SHA512

d73ebb7edae9c205ef2b447f49110f94ad25a54915a86d1d6c03e87f3b5085ca9354dca9dc87e9b271f8c7704342115a3d6544b23c3e76a2e09ab85715608e44
SSDEEP

6144:m7yT0s131e1LyYpCmuL1HR3dnZ+WiaD0gzO/o:xAst1e9pCmuZHN+WiaD0gzO

Score

8^/10

evasion trojan

Malware Config

Targets

- Target
  
  966a691b3369a8b09dfa46eaa0dcfc5f
- Size
  
  216KB
- MD5
  
  966a691b3369a8b09dfa46eaa0dcfc5f
- SHA1
  
  49a05cf0a646ae3b831466e2c239a0fdf5bb2e47
- SHA256
  
  77708139f01b4743b67b477e08cd71477d88fbf7c97f9ef637aebfba9cc70d05
- SHA512
  
  d73ebb7edae9c205ef2b447f49110f94ad25a54915a86d1d6c03e87f3b5085ca9354dca9dc87e9b271f8c7704342115a3d6544b23c3e76a2e09ab85715608e44
- SSDEEP
  
  6144:m7yT0s131e1LyYpCmuL1HR3dnZ+WiaD0gzO/o:xAst1e9pCmuZHN+WiaD0gzO
Score

8^/10

evasion trojan
- Modifies Windows Firewall
  evasion
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2