756cd9a54a877e8d9905b6cfc6b15eb2451f74e0eb2b3ca991b7cbb66a9e7c4d | Triage

Sharing

General

Target

756cd9a54a877e8d9905b6cfc6b15eb2451f74e0eb2b3ca991b7cbb66a9e7c4d
Size

35KB
Sample

191025-arm4r2h3bj
MD5

b24573a99af6ad74604f09fa08ea1196
SHA1

29cb88a1b23337dc8a988400691c75938f6749fc
SHA256

756cd9a54a877e8d9905b6cfc6b15eb2451f74e0eb2b3ca991b7cbb66a9e7c4d
SHA512

3e2d1a53dfcee8a0ccccfb1deb89c8ddafac7f8db8926974822af619901c60c86720f02ea5e1746169588588d935f29295b90f2f32ca2f705fad724467574443

Score

7^/10

Malware Config

Targets

- Target
  
  756cd9a54a877e8d9905b6cfc6b15eb2451f74e0eb2b3ca991b7cbb66a9e7c4d
- Size
  
  35KB
- MD5
  
  b24573a99af6ad74604f09fa08ea1196
- SHA1
  
  29cb88a1b23337dc8a988400691c75938f6749fc
- SHA256
  
  756cd9a54a877e8d9905b6cfc6b15eb2451f74e0eb2b3ca991b7cbb66a9e7c4d
- SHA512
  
  3e2d1a53dfcee8a0ccccfb1deb89c8ddafac7f8db8926974822af619901c60c86720f02ea5e1746169588588d935f29295b90f2f32ca2f705fad724467574443
Score

7^/10
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
task1 task2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

task2