cf37e1644eb9c9ed2205921adfe160a3ae8b24c7b119e7f77846463752b17f5d | Triage

Sharing

General

Target

cf37e1644eb9c9ed2205921adfe160a3ae8b24c7b119e7f77846463752b17f5d
Size

3.2MB
Sample

240624-dajeqsygjl
MD5

6f2b9a4c2e69d96b0f275d22060fb904
SHA1

d79b1a0b9deec643eb821a38702c8a5d605e0b6d
SHA256

cf37e1644eb9c9ed2205921adfe160a3ae8b24c7b119e7f77846463752b17f5d
SHA512

4d7cf4153152856a08bfd73fdc5e964ee57383b9e7d58169c576ed216b3adca0d85c650235e6f955817f9c0de21bd61f232c2e2b019d4b84d726687e406771b9
SSDEEP

98304:5Y8WV9nEF+oi9oYGVo7SROk/BznpU6jcja4Q2B:5YRVu9i9oYGvOkV+wc

Score

10^/10

evasion execution trojan

Malware Config

Targets

- Target
  
  cf37e1644eb9c9ed2205921adfe160a3ae8b24c7b119e7f77846463752b17f5d
- Size
  
  3.2MB
- MD5
  
  6f2b9a4c2e69d96b0f275d22060fb904
- SHA1
  
  d79b1a0b9deec643eb821a38702c8a5d605e0b6d
- SHA256
  
  cf37e1644eb9c9ed2205921adfe160a3ae8b24c7b119e7f77846463752b17f5d
- SHA512
  
  4d7cf4153152856a08bfd73fdc5e964ee57383b9e7d58169c576ed216b3adca0d85c650235e6f955817f9c0de21bd61f232c2e2b019d4b84d726687e406771b9
- SSDEEP
  
  98304:5Y8WV9nEF+oi9oYGVo7SROk/BznpU6jcja4Q2B:5YRVu9i9oYGvOkV+wc
Score

10^/10

evasion execution trojan
- UAC bypass
  evasion trojan
- Stops running service(s)
  evasion execution
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

System Services

Service Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Create or Modify System Process

Windows Service

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionexecutiontrojan

behavioral2

evasionexecutiontrojan