3d27e9b38d84e539a2a2a83bd0afcad2d63c43ffef1cbd51f1ab1d1963d562f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Risxn_Free_Tweaking_Panel_V3.bat
Size

86KB
Sample

240221-q5cxnagc31
MD5

63e640f3d2454e5d68eb12b2312fed53
SHA1

921faa97a2c96f9ea6b8218e13e056e9c0116883
SHA256

3d27e9b38d84e539a2a2a83bd0afcad2d63c43ffef1cbd51f1ab1d1963d562f7
SHA512

2458fc7322206597e529551c6654f1538ce042fb407a5c73bf90e64d2c64a0c5a58cbe7a9f8ebff1c1bf080ed05d4f89370712373e1fedfa1e0792514af7b178
SSDEEP

384:mW4uMpmFTBp1uFuyIBmGlngbuPPqoeV9WIblw8WGDyLNZfKGDyLNZfU9aQ:emFTBWQyEjPqoC9yiUF

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  Risxn_Free_Tweaking_Panel_V3.bat
- Size
  
  86KB
- MD5
  
  63e640f3d2454e5d68eb12b2312fed53
- SHA1
  
  921faa97a2c96f9ea6b8218e13e056e9c0116883
- SHA256
  
  3d27e9b38d84e539a2a2a83bd0afcad2d63c43ffef1cbd51f1ab1d1963d562f7
- SHA512
  
  2458fc7322206597e529551c6654f1538ce042fb407a5c73bf90e64d2c64a0c5a58cbe7a9f8ebff1c1bf080ed05d4f89370712373e1fedfa1e0792514af7b178
- SSDEEP
  
  384:mW4uMpmFTBp1uFuyIBmGlngbuPPqoeV9WIblw8WGDyLNZfKGDyLNZfU9aQ:emFTBWQyEjPqoC9yiUF
Score

10^/10

evasion persistence trojan
- UAC bypass
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan