e097234f7020f7f728106ac2648d5a77f19004bdea67c3f14a6b373575bf7af2 | Triage

Sharing

General

Target

chthonic_2.23.11.3.vir
Size

229KB
Sample

200719-sz8rzm9ewe
MD5

a7ff128bb60cde180d2eea63313f59bb
SHA1

32b93a7c8d901cfc6ee01fd0f1110e2cc9b9deed
SHA256

e097234f7020f7f728106ac2648d5a77f19004bdea67c3f14a6b373575bf7af2
SHA512

800d9f861a0314b2515961a4ff859490544c95ef5683803e6e6c890675b4c1d6df496e0e04236513d495685554f7b5cd1fb0733839dbe71e66649cf48b435c64

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  chthonic_2.23.11.3.vir
- Size
  
  229KB
- MD5
  
  a7ff128bb60cde180d2eea63313f59bb
- SHA1
  
  32b93a7c8d901cfc6ee01fd0f1110e2cc9b9deed
- SHA256
  
  e097234f7020f7f728106ac2648d5a77f19004bdea67c3f14a6b373575bf7af2
- SHA512
  
  800d9f861a0314b2515961a4ff859490544c95ef5683803e6e6c890675b4c1d6df496e0e04236513d495685554f7b5cd1fb0733839dbe71e66649cf48b435c64
Score

10^/10

evasion trojan persistence
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- UAC bypass
  evasion trojan
- Adds policy Run key to start application
  persistence
- Disables taskbar notifications via registry modification
  evasion
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Modify Registry

Disabling Security Tools

Bypass User Account Control

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

evasiontrojanpersistence

behavioral2

evasiontrojanpersistence