bfaafa1f16c512606a0ef1b9a0cf2d366de6332ceede7d27abb65ca15a86a0c3 | Triage

Sharing

General

Target

bfaafa1f16c512606a0ef1b9a0cf2d366de6332ceede7d27abb65ca15a86a0c3
Size

882KB
Sample

221029-qhknzshefn
MD5

545506b7d70fd3f4e93af42f73551f3a
SHA1

2d5b96ce3a9783d8c8a3b8b3204022c3674b7fef
SHA256

bfaafa1f16c512606a0ef1b9a0cf2d366de6332ceede7d27abb65ca15a86a0c3
SHA512

a0035c41606390faea3a6ff2db4cffb2a2454fdfb48c41927af62d9e18419224e179463e2be2e7d0c976a004dc7f90f1de8ee02e9534d33f0c762126b1352710
SSDEEP

24576:tkLj9qMNv1xfMXEhnyRxROGHZE4Dnq8A+mqfh:tkdJNLoEhnAxzK4L7xh

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  bfaafa1f16c512606a0ef1b9a0cf2d366de6332ceede7d27abb65ca15a86a0c3
- Size
  
  882KB
- MD5
  
  545506b7d70fd3f4e93af42f73551f3a
- SHA1
  
  2d5b96ce3a9783d8c8a3b8b3204022c3674b7fef
- SHA256
  
  bfaafa1f16c512606a0ef1b9a0cf2d366de6332ceede7d27abb65ca15a86a0c3
- SHA512
  
  a0035c41606390faea3a6ff2db4cffb2a2454fdfb48c41927af62d9e18419224e179463e2be2e7d0c976a004dc7f90f1de8ee02e9534d33f0c762126b1352710
- SSDEEP
  
  24576:tkLj9qMNv1xfMXEhnyRxROGHZE4Dnq8A+mqfh:tkdJNLoEhnAxzK4L7xh
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2