0980f182d03db05a33546c656e9a9bf349318af8da71315a1a7a2453144f66a5 | Triage

Sharing

General

Target

__DF6131F9DB3EE88370
Size

354KB
Sample

200713-thsqxy8lyn
MD5

65ffe13c7569cf80adf68af23088d2b0
SHA1

3e488cde94e45ddc5841aeb30a6a9640db726001
SHA256

0980f182d03db05a33546c656e9a9bf349318af8da71315a1a7a2453144f66a5
SHA512

244b68ee243d032cb688e065bd86fe575cde3d96b4d7dc4f886c29c84cb0b0763affe638e15fe5d0a7d9eca9899c87f014ca4eb575c637aba622de5336de341e

Score

8^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  __DF6131F9DB3EE88370
- Size
  
  354KB
- MD5
  
  65ffe13c7569cf80adf68af23088d2b0
- SHA1
  
  3e488cde94e45ddc5841aeb30a6a9640db726001
- SHA256
  
  0980f182d03db05a33546c656e9a9bf349318af8da71315a1a7a2453144f66a5
- SHA512
  
  244b68ee243d032cb688e065bd86fe575cde3d96b4d7dc4f886c29c84cb0b0763affe638e15fe5d0a7d9eca9899c87f014ca4eb575c637aba622de5336de341e
Score

8^/10

evasion trojan discovery
- Blacklisted process makes network request
- Checks for installed software on the system
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojandiscovery

behavioral2

evasiontrojandiscovery