c79649b70f1680062355e956dcabe0fa2ecb58faf5c22d4454a3dbb67e1db6b7 | Triage

Sharing

General

Target

chthonic_2.23.11.7.vir
Size

147KB
Sample

200719-1dbgq6bjra
MD5

da35953c97d7ae09edc85da33296e993
SHA1

b545abc8bce08d197f38512062391152ee859ade
SHA256

c79649b70f1680062355e956dcabe0fa2ecb58faf5c22d4454a3dbb67e1db6b7
SHA512

26856d338a4f71151f448ffc805176d294aaf7e248de6d3c54a1b69f054a7fa10530b6f4a3ff33c261a5533e130f16ea994660354762fe3cf959f726c7d4bc15

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  chthonic_2.23.11.7.vir
- Size
  
  147KB
- MD5
  
  da35953c97d7ae09edc85da33296e993
- SHA1
  
  b545abc8bce08d197f38512062391152ee859ade
- SHA256
  
  c79649b70f1680062355e956dcabe0fa2ecb58faf5c22d4454a3dbb67e1db6b7
- SHA512
  
  26856d338a4f71151f448ffc805176d294aaf7e248de6d3c54a1b69f054a7fa10530b6f4a3ff33c261a5533e130f16ea994660354762fe3cf959f726c7d4bc15
Score

10^/10

evasion trojan persistence
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- UAC bypass
  evasion trojan
- Adds policy Run key to start application
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Modify Registry

Disabling Security Tools

Bypass User Account Control

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasiontrojanpersistence

behavioral2

evasiontrojanpersistence