edddebdfef0c453a67a10c614ee6d012fe27f885ce98f091fb7b59fb0175003e | Triage

Submit
Reports

Overview

overview

8

Static

static

edddebdfef...3e.exe

windows7-x64

8

edddebdfef...3e.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

edddebdfef0c453a67a10c614ee6d012fe27f885ce98f091fb7b59fb0175003e
Size

1015KB
Sample

221020-xzkhwabadj
MD5

45dad23adf40d671a725d5117f7bb470
SHA1

4d2e44b69564efd993c615a03b2e5d2e13351c17
SHA256

edddebdfef0c453a67a10c614ee6d012fe27f885ce98f091fb7b59fb0175003e
SHA512

608186b8b3b18c3ddf862ae94c8d73efa2853ab7511a7f62c60a533b9472927ad8cedfa37a4ea71010cc9f21ec7abd96fce3c5fa9ef5242a43f1c0b9e3cf8a67
SSDEEP

24576:Jk9BIRVI+mjgdK7iVhnFMPuTKtxVKTgg8id3kIPLysf:a9BIIb37AF0kWVqgOU/

Score

8^/10

discovery evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

edddebdfef0c453a67a10c614ee6d012fe27f885ce98f091fb7b59fb0175003e.exe

Resource

win7-20220812-en

discovery evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

edddebdfef0c453a67a10c614ee6d012fe27f885ce98f091fb7b59fb0175003e.exe

Resource

win10v2004-20220812-en

discovery evasion persistence trojan

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  edddebdfef0c453a67a10c614ee6d012fe27f885ce98f091fb7b59fb0175003e
- Size
  
  1015KB
- MD5
  
  45dad23adf40d671a725d5117f7bb470
- SHA1
  
  4d2e44b69564efd993c615a03b2e5d2e13351c17
- SHA256
  
  edddebdfef0c453a67a10c614ee6d012fe27f885ce98f091fb7b59fb0175003e
- SHA512
  
  608186b8b3b18c3ddf862ae94c8d73efa2853ab7511a7f62c60a533b9472927ad8cedfa37a4ea71010cc9f21ec7abd96fce3c5fa9ef5242a43f1c0b9e3cf8a67
- SSDEEP
  
  24576:Jk9BIRVI+mjgdK7iVhnFMPuTKtxVKTgg8id3kIPLysf:a9BIIb37AF0kWVqgOU/
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Drops startup file
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan

© 2018-2025

Terms | Privacy