7c69a72cf256aa8b91a646645024710b5840b853c54f02a26e92fe74fc192613 | Triage

Sharing

General

Target

7c69a72cf256aa8b91a646645024710b5840b853c54f02a26e92fe74fc192613
Size

357KB
Sample

191025-hq28gwst56
MD5

d9adefa426250f682f24fdf60ba49259
SHA1

c6cce4a5499077a36e781a37c4ba2bf7b248d2f0
SHA256

7c69a72cf256aa8b91a646645024710b5840b853c54f02a26e92fe74fc192613
SHA512

71b627e03387525371a55a9dec620b523e7eaebd956325cc277e2c37ade282bb47eff7cb58a18363a9d01f3a341b8772dbabd16c30c4b44717c1382cbbb86623

Score

7^/10

Malware Config

Targets

- Target
  
  7c69a72cf256aa8b91a646645024710b5840b853c54f02a26e92fe74fc192613
- Size
  
  357KB
- MD5
  
  d9adefa426250f682f24fdf60ba49259
- SHA1
  
  c6cce4a5499077a36e781a37c4ba2bf7b248d2f0
- SHA256
  
  7c69a72cf256aa8b91a646645024710b5840b853c54f02a26e92fe74fc192613
- SHA512
  
  71b627e03387525371a55a9dec620b523e7eaebd956325cc277e2c37ade282bb47eff7cb58a18363a9d01f3a341b8772dbabd16c30c4b44717c1382cbbb86623
Score

7^/10
- Windows security modification
  evasion trojan
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
task1 task2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

task2