114ccacb7ca57c01f3540611fdf49e68416544da8d8077f5896434a4b71b01dd | Triage

Sharing

General

Target

114ccacb7ca57c01f3540611fdf49e68416544da8d8077f5896434a4b71b01dd
Size

277KB
Sample

191025-gxl2rah9tn
MD5

e3083483121cd288264f8c5624fb2cd1
SHA1

144a1dd6714ff4b5675c32f428d1899e500140a5
SHA256

114ccacb7ca57c01f3540611fdf49e68416544da8d8077f5896434a4b71b01dd
SHA512

b14314784600881699a1fb3f45beb4ebeba72fd5bbf3e81329d84ff3220b0c48b0ac1602fff2aa80feda7e403b4a9c7d102890d9b96a042f52fac85d411f46da

Score

7^/10

Malware Config

Targets

- Target
  
  114ccacb7ca57c01f3540611fdf49e68416544da8d8077f5896434a4b71b01dd
- Size
  
  277KB
- MD5
  
  e3083483121cd288264f8c5624fb2cd1
- SHA1
  
  144a1dd6714ff4b5675c32f428d1899e500140a5
- SHA256
  
  114ccacb7ca57c01f3540611fdf49e68416544da8d8077f5896434a4b71b01dd
- SHA512
  
  b14314784600881699a1fb3f45beb4ebeba72fd5bbf3e81329d84ff3220b0c48b0ac1602fff2aa80feda7e403b4a9c7d102890d9b96a042f52fac85d411f46da
Score

7^/10
- Windows security modification
  evasion trojan
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
task1 task2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

task2