b88be1a9ed4f91d6c598a92a7fbde417dd7ad589b7c6a2e436db518a14558b21 | Triage

Sharing

General

Target

d79296306d973cf5338d387074e908a7
Size

404KB
Sample

240320-bt2djsea3x
MD5

d79296306d973cf5338d387074e908a7
SHA1

45090d3fd786e5e34f8677d4521322a5a4ab83e0
SHA256

b88be1a9ed4f91d6c598a92a7fbde417dd7ad589b7c6a2e436db518a14558b21
SHA512

db12bea54b1eb6a4ed134260049d91c51fdb87941196d6e4af25962a75215e798d2557cc713a5538fc1d7b80994494cbcea8fdc6d401d16f4a21fe5339c99132
SSDEEP

6144:i4INpROSJfcd1tuP6MQsQ123GSxJIIVY0VE8gySVbjboPIZNTBTU4:i4UROm0tuPWsQX4e/cE8zeDxZ/U

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  d79296306d973cf5338d387074e908a7
- Size
  
  404KB
- MD5
  
  d79296306d973cf5338d387074e908a7
- SHA1
  
  45090d3fd786e5e34f8677d4521322a5a4ab83e0
- SHA256
  
  b88be1a9ed4f91d6c598a92a7fbde417dd7ad589b7c6a2e436db518a14558b21
- SHA512
  
  db12bea54b1eb6a4ed134260049d91c51fdb87941196d6e4af25962a75215e798d2557cc713a5538fc1d7b80994494cbcea8fdc6d401d16f4a21fe5339c99132
- SSDEEP
  
  6144:i4INpROSJfcd1tuP6MQsQ123GSxJIIVY0VE8gySVbjboPIZNTBTU4:i4UROm0tuPWsQX4e/cE8zeDxZ/U
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2