85371ef0d1d293b4d84ce6a327e09892dd94e22a3a734c5af6d48e752f5c5ac1 | Triage

Sharing

General

Target

85371ef0d1d293b4d84ce6a327e09892dd94e22a3a734c5af6d48e752f5c5ac1
Size

684KB
Sample

191025-4v76x984ha
MD5

bf44f94844fb046c1686cd77eb180129
SHA1

2cb89def42979d42344607f851bafd2c19dd8f7d
SHA256

85371ef0d1d293b4d84ce6a327e09892dd94e22a3a734c5af6d48e752f5c5ac1
SHA512

8f21d23ea949fb81b21a10a9a914d89950cd861dd54253134caae242445f56eb5b510160cb3161f81d44278245a190529701ed6a31b37ea723b84a581c4d7e8e

Score

7^/10

Malware Config

Targets

- Target
  
  85371ef0d1d293b4d84ce6a327e09892dd94e22a3a734c5af6d48e752f5c5ac1
- Size
  
  684KB
- MD5
  
  bf44f94844fb046c1686cd77eb180129
- SHA1
  
  2cb89def42979d42344607f851bafd2c19dd8f7d
- SHA256
  
  85371ef0d1d293b4d84ce6a327e09892dd94e22a3a734c5af6d48e752f5c5ac1
- SHA512
  
  8f21d23ea949fb81b21a10a9a914d89950cd861dd54253134caae242445f56eb5b510160cb3161f81d44278245a190529701ed6a31b37ea723b84a581c4d7e8e
Score

7^/10
- Windows security modification
  evasion trojan
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
task1 task2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

task1

task2