f0225d2de7e8f1983c5b684f56e646984afd4023bf9a619231fb5005652042a8 | Triage

Sharing

General

Target

f0225d2de7e8f1983c5b684f56e646984afd4023bf9a619231fb5005652042a8
Size

725KB
Sample

191025-fd3zjx6lq6
MD5

3219a058d968347a09536ba41901a5cd
SHA1

c424bd332191bd895327b8d7273b1a0a5c331135
SHA256

f0225d2de7e8f1983c5b684f56e646984afd4023bf9a619231fb5005652042a8
SHA512

51f8f39415905018e57e8e3835dd78498710dc2b63d449674aacd960c9ab68f98b1ef703bd1c38c65fe9bc9cec3ced1c96132a0b5ea16f1f749233ddd7b78a95

Score

9^/10

Malware Config

Targets

- Target
  
  f0225d2de7e8f1983c5b684f56e646984afd4023bf9a619231fb5005652042a8
- Size
  
  725KB
- MD5
  
  3219a058d968347a09536ba41901a5cd
- SHA1
  
  c424bd332191bd895327b8d7273b1a0a5c331135
- SHA256
  
  f0225d2de7e8f1983c5b684f56e646984afd4023bf9a619231fb5005652042a8
- SHA512
  
  51f8f39415905018e57e8e3835dd78498710dc2b63d449674aacd960c9ab68f98b1ef703bd1c38c65fe9bc9cec3ced1c96132a0b5ea16f1f749233ddd7b78a95
Score

9^/10
- Checks processor name in registry (likely anti-VM)
- Windows security modification
  evasion trojan
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
task1 task2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

task2