4926c75e330b65f38f41386b42a402298672fa466e2a26f65d8420974c39fda0 | Triage

Submit
Reports

Overview

overview

Static

static

trojan-rem...79.exe

windows7-x64

trojan-rem...79.exe

windows10-2004-x64

Sharing

General

Target

trojan-remover-6-9-5-build-2979.exe
Size

13.9MB
Sample

221105-1zcptaaaa6
MD5

d9b2800a8a86996172ec18f1cb48786a
SHA1

d2c558564f0f322c0647b36d82d1e98921e58587
SHA256

4926c75e330b65f38f41386b42a402298672fa466e2a26f65d8420974c39fda0
SHA512

391f18d5127327499cb537b4e6b92011624f836e48c0f35c1954a8897fbb828ed5482fbcf3f1aba3549e39cca5fd22a499876c4a81b8ee45621304fa0d3801df
SSDEEP

393216:q3Hft0T7yG9QKWsKPrTYyi2JwEivFQrzPaUwL:kl0PgJsekcivSrzPwL

Score

10^/10

discovery persistence

Static task

static1

Behavioral task

behavioral1

Sample

trojan-remover-6-9-5-build-2979.exe

Resource

win7-20220812-en

discovery persistence

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

trojan-remover-6-9-5-build-2979.exe

Resource

win10v2004-20220901-en

discovery persistence

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Targets

- Target
  
  trojan-remover-6-9-5-build-2979.exe
- Size
  
  13.9MB
- MD5
  
  d9b2800a8a86996172ec18f1cb48786a
- SHA1
  
  d2c558564f0f322c0647b36d82d1e98921e58587
- SHA256
  
  4926c75e330b65f38f41386b42a402298672fa466e2a26f65d8420974c39fda0
- SHA512
  
  391f18d5127327499cb537b4e6b92011624f836e48c0f35c1954a8897fbb828ed5482fbcf3f1aba3549e39cca5fd22a499876c4a81b8ee45621304fa0d3801df
- SSDEEP
  
  393216:q3Hft0T7yG9QKWsKPrTYyi2JwEivFQrzPaUwL:kl0PgJsekcivSrzPwL
Score

10^/10

discovery persistence
- Modifies system executable filetype association
  persistence
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Sets file execution options in registry
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Change Default File Association

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistence

© 2018-2025

Terms | Privacy