f61126a6d17b2d126a7f31b142504dce4934f7989c55f1c13c6477b3fe80b3d2 | Triage

Sharing

General

Target

f61126a6d17b2d126a7f31b142504dce4934f7989c55f1c13c6477b3fe80b3d2
Size

3.8MB
Sample

191025-atgf7d8yaj
MD5

efa72d3ed0120a07326ce02f051e9b42
SHA1

8edf758f92513094a94e50b7826cd6f2b7696b8c
SHA256

f61126a6d17b2d126a7f31b142504dce4934f7989c55f1c13c6477b3fe80b3d2
SHA512

e5db496471970e358af5fdb6d02853fd45bfca1aa89d49ba8644622c28610f09a4b85c2387407b9d33a4055965e0b5e184704c161741ac69250327449da12122

Score

7^/10

Malware Config

Targets

- Target
  
  f61126a6d17b2d126a7f31b142504dce4934f7989c55f1c13c6477b3fe80b3d2
- Size
  
  3.8MB
- MD5
  
  efa72d3ed0120a07326ce02f051e9b42
- SHA1
  
  8edf758f92513094a94e50b7826cd6f2b7696b8c
- SHA256
  
  f61126a6d17b2d126a7f31b142504dce4934f7989c55f1c13c6477b3fe80b3d2
- SHA512
  
  e5db496471970e358af5fdb6d02853fd45bfca1aa89d49ba8644622c28610f09a4b85c2387407b9d33a4055965e0b5e184704c161741ac69250327449da12122
Score

7^/10
- Windows security modification
  evasion trojan
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
task1 task2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

task2