44ddaf9d0609769559bc088ac983237b30f7b6c985a95ec08c245f3606a111e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44ddaf9d0609769559bc088ac983237b30f7b6c985a95ec08c245f3606a111e4
Size

882KB
Sample

221029-mvmsbsdehn
MD5

db13bb3d3b1c21cbae0eaffd3efa987c
SHA1

33f760e41a3c5506c67c90b8a8c1027946e20072
SHA256

44ddaf9d0609769559bc088ac983237b30f7b6c985a95ec08c245f3606a111e4
SHA512

2f37caf1b2bad6dd9d93f9980be7c4504d44b940e3a2e96114d572e99ed107cd168474855be84232c4c082ab455ea457ea1204572335107b462e1cb9813650a3
SSDEEP

24576:LGfxTpFFQm7nlry5QD1QK3GwakO1lSYAmw1SJtUYgV:L8XQ8le5m39gANjV

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  44ddaf9d0609769559bc088ac983237b30f7b6c985a95ec08c245f3606a111e4
- Size
  
  882KB
- MD5
  
  db13bb3d3b1c21cbae0eaffd3efa987c
- SHA1
  
  33f760e41a3c5506c67c90b8a8c1027946e20072
- SHA256
  
  44ddaf9d0609769559bc088ac983237b30f7b6c985a95ec08c245f3606a111e4
- SHA512
  
  2f37caf1b2bad6dd9d93f9980be7c4504d44b940e3a2e96114d572e99ed107cd168474855be84232c4c082ab455ea457ea1204572335107b462e1cb9813650a3
- SSDEEP
  
  24576:LGfxTpFFQm7nlry5QD1QK3GwakO1lSYAmw1SJtUYgV:L8XQ8le5m39gANjV
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2