88a4bd3836222752cf228954579f84a41acba1cd9b6e1ac323fb5854fb5ea126 | Triage

Sharing

General

Target

88a4bd3836222752cf228954579f84a41acba1cd9b6e1ac323fb5854fb5ea126
Size

237KB
Sample

191025-jkz2kswjts
MD5

27f046b8e36916265e3ad671378534b7
SHA1

d13fe418b399c7e097d120ee99296ea93d82f7de
SHA256

88a4bd3836222752cf228954579f84a41acba1cd9b6e1ac323fb5854fb5ea126
SHA512

2c22bfcc7dfc7ae69382ca276d4bd338b5cd160768b56076af69e01a76dc8fcf3a7f4d333c7e545aabe0cc86042056bcefdf25becedab3214b739544549c62a2

Score

7^/10

Malware Config

Targets

- Target
  
  88a4bd3836222752cf228954579f84a41acba1cd9b6e1ac323fb5854fb5ea126
- Size
  
  237KB
- MD5
  
  27f046b8e36916265e3ad671378534b7
- SHA1
  
  d13fe418b399c7e097d120ee99296ea93d82f7de
- SHA256
  
  88a4bd3836222752cf228954579f84a41acba1cd9b6e1ac323fb5854fb5ea126
- SHA512
  
  2c22bfcc7dfc7ae69382ca276d4bd338b5cd160768b56076af69e01a76dc8fcf3a7f4d333c7e545aabe0cc86042056bcefdf25becedab3214b739544549c62a2
Score

7^/10
- Windows security modification
  evasion trojan
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
- Suspicious use of SetThreadContext
task1 task2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

task1

task2