c63747bc82ad844ffd323ce1038def18ed912a7db1fb7211cdbe1483f8baf819 | Triage

Submit
Reports

Overview

overview

Static

static

chthonic_2...ir.exe

windows7_x64

chthonic_2...ir.exe

windows10_x64

1

Sharing

General

Target

chthonic_2.23.18.1.vir
Size

276KB
Sample

200719-6k64etyxjn
MD5

38e16728716a7888da10c07799565a43
SHA1

0131b44b9e66d339ff99523d0df9b6dcaf6eac2f
SHA256

c63747bc82ad844ffd323ce1038def18ed912a7db1fb7211cdbe1483f8baf819
SHA512

ba40740efaf4957ab7a819584bc26623b8daeb3ce541c0d29fa9c04a0cede75fbe83c8bbf10daf8d653c8e54a86993cf75f7b8355d6236b648c39934f2862ad4

Score

10^/10

evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

chthonic_2.23.18.1.vir.exe

Resource

win7v200430

evasion trojan persistence

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

chthonic_2.23.18.1.vir.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  chthonic_2.23.18.1.vir
- Size
  
  276KB
- MD5
  
  38e16728716a7888da10c07799565a43
- SHA1
  
  0131b44b9e66d339ff99523d0df9b6dcaf6eac2f
- SHA256
  
  c63747bc82ad844ffd323ce1038def18ed912a7db1fb7211cdbe1483f8baf819
- SHA512
  
  ba40740efaf4957ab7a819584bc26623b8daeb3ce541c0d29fa9c04a0cede75fbe83c8bbf10daf8d653c8e54a86993cf75f7b8355d6236b648c39934f2862ad4
Score

10^/10

evasion trojan persistence
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- UAC bypass
  evasion trojan
- Windows security bypass
  evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Modifies service
  persistence
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Modify Registry

Disabling Security Tools

Bypass User Account Control

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasiontrojanpersistence

behavioral2

© 2018-2024

Terms | Privacy