6dfad6a84944727171b2baf404989ca5267fd235c38d834d9192407c325f9be0 | Triage

Sharing

General

Target

6dfad6a84944727171b2baf404989ca5267fd235c38d834d9192407c325f9be0
Size

877KB
Sample

221029-knlkksadbk
MD5

a22dce1d860ffe73c05b074303afcfae
SHA1

05a9ccfb5bac7a1d695258beea080cc4ed1bb317
SHA256

6dfad6a84944727171b2baf404989ca5267fd235c38d834d9192407c325f9be0
SHA512

541632d59fc5fddaa9d210fc1051063ed3e96edb846b459c5d3f7a767c34f4439dbe402826b8561437b036da32985e4f9d76d1354d84bfe13f4e238be16d4d3a
SSDEEP

24576:HyX4UfsajjXGCI7I2fpAp43d6gx92K8uoEj5i:e42saXl4Ap0dy07di

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  6dfad6a84944727171b2baf404989ca5267fd235c38d834d9192407c325f9be0
- Size
  
  877KB
- MD5
  
  a22dce1d860ffe73c05b074303afcfae
- SHA1
  
  05a9ccfb5bac7a1d695258beea080cc4ed1bb317
- SHA256
  
  6dfad6a84944727171b2baf404989ca5267fd235c38d834d9192407c325f9be0
- SHA512
  
  541632d59fc5fddaa9d210fc1051063ed3e96edb846b459c5d3f7a767c34f4439dbe402826b8561437b036da32985e4f9d76d1354d84bfe13f4e238be16d4d3a
- SSDEEP
  
  24576:HyX4UfsajjXGCI7I2fpAp43d6gx92K8uoEj5i:e42saXl4Ap0dy07di
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2