c17f66e015691a55e7dff243d25e8c5753dd0cff125a4b9eddbc3a9811ab6ea1 | Triage

Sharing

General

Target

272236b631f5fa4d9db55e111b8f09cc.bin
Size

372KB
Sample

240707-c14b6a1fqn
MD5

272236b631f5fa4d9db55e111b8f09cc
SHA1

b9d978a9bf0eb664b9d57d07f90a0d176caf147f
SHA256

c17f66e015691a55e7dff243d25e8c5753dd0cff125a4b9eddbc3a9811ab6ea1
SHA512

e5385d1ff6cc86bc7f631739eb5122a1fa6fbac5be36382d0c8f04879b099b1b709524d41e0dfcc382d6758d83fbde307319d119082ece59b1709af6f1a2f558
SSDEEP

6144:lHZA1kbQVjPXhe/qc+FNbHsHTUCzutSEVxCWr3rgNMPeXxEwf5I71I5Bnsz+ey:t/Q1PQIbMHIdtFxCaEN5XxEwxXmzty

Score

8^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  272236b631f5fa4d9db55e111b8f09cc.bin
- Size
  
  372KB
- MD5
  
  272236b631f5fa4d9db55e111b8f09cc
- SHA1
  
  b9d978a9bf0eb664b9d57d07f90a0d176caf147f
- SHA256
  
  c17f66e015691a55e7dff243d25e8c5753dd0cff125a4b9eddbc3a9811ab6ea1
- SHA512
  
  e5385d1ff6cc86bc7f631739eb5122a1fa6fbac5be36382d0c8f04879b099b1b709524d41e0dfcc382d6758d83fbde307319d119082ece59b1709af6f1a2f558
- SSDEEP
  
  6144:lHZA1kbQVjPXhe/qc+FNbHsHTUCzutSEVxCWr3rgNMPeXxEwf5I71I5Bnsz+ey:t/Q1PQIbMHIdtFxCaEN5XxEwxXmzty
Score

8^/10

evasion persistence trojan
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan