cc30a77b961a977f2899b5b69e9132415a11ed1496cc8e1b6e100f7701397db5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0abd7ec635a0318c63b081f1ee0fa1bd.bin
Size

400KB
Sample

240626-bdff5svcme
MD5

0abd7ec635a0318c63b081f1ee0fa1bd
SHA1

4a9147aa572118c76b52350b32b2be8182b82439
SHA256

cc30a77b961a977f2899b5b69e9132415a11ed1496cc8e1b6e100f7701397db5
SHA512

b7c879c1a7725d0f7c1b4d3c74d3dea764344a71796de7fe045113bb32c58a3a6f57b3cd74fc1b3bbf4f91e3e6aaa39a959ca555c0f7fa3b50c92e580c4d9ed0
SSDEEP

6144:myl0m4f3ojWG8MoWtwgH0flNUX6UWpdNNBT4SyJ2Ew71:3g3o/onE0NNVUk5itG

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  0abd7ec635a0318c63b081f1ee0fa1bd.bin
- Size
  
  400KB
- MD5
  
  0abd7ec635a0318c63b081f1ee0fa1bd
- SHA1
  
  4a9147aa572118c76b52350b32b2be8182b82439
- SHA256
  
  cc30a77b961a977f2899b5b69e9132415a11ed1496cc8e1b6e100f7701397db5
- SHA512
  
  b7c879c1a7725d0f7c1b4d3c74d3dea764344a71796de7fe045113bb32c58a3a6f57b3cd74fc1b3bbf4f91e3e6aaa39a959ca555c0f7fa3b50c92e580c4d9ed0
- SSDEEP
  
  6144:myl0m4f3ojWG8MoWtwgH0flNUX6UWpdNNBT4SyJ2Ew71:3g3o/onE0NNVUk5itG
Score

10^/10

evasion persistence trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2