Overview

overview

8

Static

static

chthonic_2...ir.exe

windows7_x64

8

chthonic_2...ir.exe

windows10_x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    chthonic_2.23.15.12.vir

  • Size

    427KB

  • Sample

    200719-48wrbmg9we

  • MD5

    8296372373a0e63024143e6beee29a82

  • SHA1

    4fae40c361e7f2da23a7984e06320b89cbad654d

  • SHA256

    b6f9f9fa970bf7ec730e0944b1bb0ba8d17a3715de0730bc417aae149ae048dd

  • SHA512

    3bf80ceb5cdb03fd5419741c4fabd293ab9003d972ef9bc329528664197287d81f03522d6b3852d480898f2477615d6178995bdc82bc1783978850a5b5647cce

Score
8/10
evasionpersistencetrojan

Malware Config

Targets

    • Target

      chthonic_2.23.15.12.vir

    • Size

      427KB

    • MD5

      8296372373a0e63024143e6beee29a82

    • SHA1

      4fae40c361e7f2da23a7984e06320b89cbad654d

    • SHA256

      b6f9f9fa970bf7ec730e0944b1bb0ba8d17a3715de0730bc417aae149ae048dd

    • SHA512

      3bf80ceb5cdb03fd5419741c4fabd293ab9003d972ef9bc329528664197287d81f03522d6b3852d480898f2477615d6178995bdc82bc1783978850a5b5647cce

    Score
    8/10
    persistenceevasiontrojan

    • Blacklisted process makes network request

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks