2d951b1400ebf4f754965f4e9060b68c3c7fe3d4c2fca75ea564f9d9b79de09b | Triage

Resubmissions

01/04/2025, 16:53

250401-vefyvasvg1 10

30/03/2025, 21:43

250330-1k85gazm12 10

30/03/2025, 21:40

250330-1je51azmy8 10

Sharing

General

Target

shp.scr
Size

214KB
Sample

250330-1je51azmy8
MD5

c8b7cf2daca05d5cdaa31939c553b1db
SHA1

315c8b4f3719296bfff8e40b01f0d758e13122a3
SHA256

2d951b1400ebf4f754965f4e9060b68c3c7fe3d4c2fca75ea564f9d9b79de09b
SHA512

6e56a8c0c675dd9e525b4bee0ad9b7fe5820d15592d1773098d61c0d35a4e3f5460e4a76af57e94068b17ab9c38bbd571cae3da699dfe4426cb19112ad452965
SSDEEP

6144:dldk1cWQRNTB1M8HySSzCF9NoA/EusgXyAyW:dcv0NTXxH+zkRjskyAyW

Score

10^/10

defense_evasion discovery trojan

Malware Config

Targets

- Target
  
  shp.scr
- Size
  
  214KB
- MD5
  
  c8b7cf2daca05d5cdaa31939c553b1db
- SHA1
  
  315c8b4f3719296bfff8e40b01f0d758e13122a3
- SHA256
  
  2d951b1400ebf4f754965f4e9060b68c3c7fe3d4c2fca75ea564f9d9b79de09b
- SHA512
  
  6e56a8c0c675dd9e525b4bee0ad9b7fe5820d15592d1773098d61c0d35a4e3f5460e4a76af57e94068b17ab9c38bbd571cae3da699dfe4426cb19112ad452965
- SSDEEP
  
  6144:dldk1cWQRNTB1M8HySSzCF9NoA/EusgXyAyW:dcv0NTXxH+zkRjskyAyW
Score

10^/10

defense_evasion discovery trojan
- UAC bypass
  defense_evasion trojan
- Disables Task Manager via registry modification
  defense_evasion
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverytrojan