74bec14e77146923dae84d4aeb0ca036182b967f4ee69818c972d1c19906eede | Triage

Analysis

max time kernel
149s
max time network
155s
platform
windows10_x64
resource
win10-ja-20211208
submitted
11-02-2022 07:59

Sharing

Report Analysis Logs

General

Target

Leaf.xNet.dll
Size

129KB
MD5

ea87f37e78fb9af4bf805f6e958f68f4
SHA1

89662fed195d7b9d65ab7ba8605a3cd953f2b06a
SHA256

de9aea105f31f3541cbc5c460b0160d0689a2872d80748ca1456e6e223f0a4aa
SHA512

c56bd03142258c6dcb712d1352d2548a055fbb726ee200949d847cb2d23d9c52442b1435be0df0bf355701a2c1a3c47cd05b96972501f457d2d401501d33d83a

Score

6^/10

evasion trojan

Malware Config

Signatures

Checks whether UAC is enabled 1 TTPs 1 IoCs
evasion trojan

System Information Discovery
T1082

Processes:

rundll32.exe

description ioc process

Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA rundll32.exe

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\Leaf.xNet.dll,#1
1⤵
- Checks whether UAC is enabled
PID:4200

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...