caa7a7501033b47395d0ee421464618b7777ce2a798111e29b47267b778d5fc7 | Triage

Sharing

General

Target

caa7a7501033b47395d0ee421464618b7777ce2a798111e29b47267b778d5fc7.unknown
Size

76KB
Sample

240213-fyfd4aff95
MD5

7e08e28d64e2026b8325935172c27c6b
SHA1

3be2858857ffba56416db3001a4f9a382a7404ec
SHA256

caa7a7501033b47395d0ee421464618b7777ce2a798111e29b47267b778d5fc7
SHA512

816dd4906b26ac9fdaed836ca273588cac0d807868934715d500c3a9f8ad31bd11020d3a589d016a1c60c93fe714602f45963e78932b36ae1fa4cc54048190e9
SSDEEP

768:H0nzwRQmH5omBvaGGZFD9lu2drSX0kUG39UaZd4xJk0sS7:AzwGmHfBsZFDfu2dmX0kUmU/uS7

Score

10^/10

evasion trojan

Malware Config

Targets

- Target
  
  caa7a7501033b47395d0ee421464618b7777ce2a798111e29b47267b778d5fc7.unknown
- Size
  
  76KB
- MD5
  
  7e08e28d64e2026b8325935172c27c6b
- SHA1
  
  3be2858857ffba56416db3001a4f9a382a7404ec
- SHA256
  
  caa7a7501033b47395d0ee421464618b7777ce2a798111e29b47267b778d5fc7
- SHA512
  
  816dd4906b26ac9fdaed836ca273588cac0d807868934715d500c3a9f8ad31bd11020d3a589d016a1c60c93fe714602f45963e78932b36ae1fa4cc54048190e9
- SSDEEP
  
  768:H0nzwRQmH5omBvaGGZFD9lu2drSX0kUG39UaZd4xJk0sS7:AzwGmHfBsZFDfu2dmX0kUmU/uS7
Score

10^/10

evasion trojan
- UAC bypass
  evasion trojan
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Scheduled Task/Job

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2