b66a5d391335b6dc827225b6531f172151d8a87c7514de789bcaf1999b0645ff | Triage

Sharing

General

Target

4qohdkiq
Size

354KB
Sample

200713-7fawjx3sa6
MD5

4f368bfca1b7b37c26062ed76b52326c
SHA1

6bc9bdb529d692cf0369db7f95a9e71eb7b74b6c
SHA256

b66a5d391335b6dc827225b6531f172151d8a87c7514de789bcaf1999b0645ff
SHA512

5dcacfb12eaa5f1dfaf997fa4803bc73a0532885b19969ef8968975b3b40bbed52ec6307221a4f36e112ddcb200bb945c86fa0b7cff6e1f82dfd28bd80478697

Score

8^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  4qohdkiq
- Size
  
  354KB
- MD5
  
  4f368bfca1b7b37c26062ed76b52326c
- SHA1
  
  6bc9bdb529d692cf0369db7f95a9e71eb7b74b6c
- SHA256
  
  b66a5d391335b6dc827225b6531f172151d8a87c7514de789bcaf1999b0645ff
- SHA512
  
  5dcacfb12eaa5f1dfaf997fa4803bc73a0532885b19969ef8968975b3b40bbed52ec6307221a4f36e112ddcb200bb945c86fa0b7cff6e1f82dfd28bd80478697
Score

8^/10

evasion trojan discovery
- Blacklisted process makes network request
- Checks for installed software on the system
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojandiscovery

behavioral2

evasiontrojandiscovery