3a1dbf777acec5fc3616cb90bd4e2ea35980f0e8cb8eb2cad1cb70c86d80c3dc | Triage

Sharing

General

Target

3a1dbf777acec5fc3616cb90bd4e2ea35980f0e8cb8eb2cad1cb70c86d80c3dc
Size

867KB
Sample

221029-sdctpacdbr
MD5

c3ff327d60a0fef0b7423c06097852bc
SHA1

946b35828a2722bca721b5032bfec0146ea4d2c8
SHA256

3a1dbf777acec5fc3616cb90bd4e2ea35980f0e8cb8eb2cad1cb70c86d80c3dc
SHA512

6bb1e9f161902f5fa3ebc7ade0b2b7a7db5087786360a55e2753f8a9f92b435f7cd909dcebfc464fd29f2df3dc43ceb9eceafb49178dddf7e007a7a1c9df31d0
SSDEEP

12288:VrClF68stpFW+OMpdgb9sdfa4YFOY1p2cXSaxDbYdfDDDbuoqc69agImJDgJaT81:Alh+pdgz7OY1EySAboXHnhaT8u5VS6E

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  3a1dbf777acec5fc3616cb90bd4e2ea35980f0e8cb8eb2cad1cb70c86d80c3dc
- Size
  
  867KB
- MD5
  
  c3ff327d60a0fef0b7423c06097852bc
- SHA1
  
  946b35828a2722bca721b5032bfec0146ea4d2c8
- SHA256
  
  3a1dbf777acec5fc3616cb90bd4e2ea35980f0e8cb8eb2cad1cb70c86d80c3dc
- SHA512
  
  6bb1e9f161902f5fa3ebc7ade0b2b7a7db5087786360a55e2753f8a9f92b435f7cd909dcebfc464fd29f2df3dc43ceb9eceafb49178dddf7e007a7a1c9df31d0
- SSDEEP
  
  12288:VrClF68stpFW+OMpdgb9sdfa4YFOY1p2cXSaxDbYdfDDDbuoqc69agImJDgJaT81:Alh+pdgz7OY1EySAboXHnhaT8u5VS6E
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2