3cd6c77d3e4b25d25bca7e8c0681574068cd8d338a3389c3993cb1a52603463d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3cd6c77d3e4b25d25bca7e8c0681574068cd8d338a3389c3993cb1a52603463d
Size

875KB
Sample

221029-nstzasecb6
MD5

fda941918366eb61ecd0558b1689be9a
SHA1

756b55a527c9a771bde9a86d40370b81b8bbd675
SHA256

3cd6c77d3e4b25d25bca7e8c0681574068cd8d338a3389c3993cb1a52603463d
SHA512

9a47ce4949249a011228f095b9e12d309a9f9f39feab7dcf66cfefa2fde44d6c4c9a3e95147f3332c299e8efc02edf19cd549a46f0f7f60e272db26c76215822
SSDEEP

24576:VB1G3R9J1Ky9N9TlwwbvSgS6CJZXoiAtFnmPQb/HFquYf:ZG3TKAxpwFXWH3/HFSf

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  3cd6c77d3e4b25d25bca7e8c0681574068cd8d338a3389c3993cb1a52603463d
- Size
  
  875KB
- MD5
  
  fda941918366eb61ecd0558b1689be9a
- SHA1
  
  756b55a527c9a771bde9a86d40370b81b8bbd675
- SHA256
  
  3cd6c77d3e4b25d25bca7e8c0681574068cd8d338a3389c3993cb1a52603463d
- SHA512
  
  9a47ce4949249a011228f095b9e12d309a9f9f39feab7dcf66cfefa2fde44d6c4c9a3e95147f3332c299e8efc02edf19cd549a46f0f7f60e272db26c76215822
- SSDEEP
  
  24576:VB1G3R9J1Ky9N9TlwwbvSgS6CJZXoiAtFnmPQb/HFquYf:ZG3TKAxpwFXWH3/HFSf
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2