95ecc10062a2e14c0250d319a974677a742ea4794e6d0af740ec2bbe13ddd245 | Triage

Sharing

General

Target

95ecc10062a2e14c0250d319a974677a742ea4794e6d0af740ec2bbe13ddd245
Size

734KB
Sample

221030-enpz4sbdh7
MD5

a30da600b2468026d38313f35fd84960
SHA1

35e2b6a670ff766ba92dc1db4a47700ec8d5bb70
SHA256

95ecc10062a2e14c0250d319a974677a742ea4794e6d0af740ec2bbe13ddd245
SHA512

c020551111f86d09a70772669ff840838a80a20c68e52c2714d04f8e905b417d01971a92446e440d8973cfa65d7daa5b1b4e1a74657513656c9a5cd49476a99c
SSDEEP

12288:QhC71id9ZwcR9v9gmE4Kah1n8kkoTE2S5lq+pUcxMIiCiblxw27coMr:QhCEZ5zaT4ND8kkz5lq+Dig27coy

Score

8^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  95ecc10062a2e14c0250d319a974677a742ea4794e6d0af740ec2bbe13ddd245
- Size
  
  734KB
- MD5
  
  a30da600b2468026d38313f35fd84960
- SHA1
  
  35e2b6a670ff766ba92dc1db4a47700ec8d5bb70
- SHA256
  
  95ecc10062a2e14c0250d319a974677a742ea4794e6d0af740ec2bbe13ddd245
- SHA512
  
  c020551111f86d09a70772669ff840838a80a20c68e52c2714d04f8e905b417d01971a92446e440d8973cfa65d7daa5b1b4e1a74657513656c9a5cd49476a99c
- SSDEEP
  
  12288:QhC71id9ZwcR9v9gmE4Kah1n8kkoTE2S5lq+pUcxMIiCiblxw27coMr:QhCEZ5zaT4ND8kkz5lq+Dig27coy
Score

8^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan