1ce3de79d76b57c636cffac04b9d6a53214165a5a36ba7910f297a9b4319aca1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ce3de79d76b57c636cffac04b9d6a53214165a5a36ba7910f297a9b4319aca1
Size

874KB
Sample

221106-31elxaahfm
MD5

f957794fc6a40ef9b877e725877f0164
SHA1

44306051dad30cb0e9d110ff72e8a9b8b797c994
SHA256

1ce3de79d76b57c636cffac04b9d6a53214165a5a36ba7910f297a9b4319aca1
SHA512

d8cb2078d63aa9a165247b4eb6a3bd3dd3923fe0fca8fc8ee708b41290fd0fa23e82d65122ab4128ecbe299bfd57a8934ede4459c5cb98f16fea07f143c28068
SSDEEP

12288:EdukM8siHAHvKb6+8DZk32IKhls0bwVnWlC9KKP7yIl3Tpg5LwPfU2hCw9txil1:7OAHvM6Pm3L8wVWYIKT76xAU246tcl1

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  1ce3de79d76b57c636cffac04b9d6a53214165a5a36ba7910f297a9b4319aca1
- Size
  
  874KB
- MD5
  
  f957794fc6a40ef9b877e725877f0164
- SHA1
  
  44306051dad30cb0e9d110ff72e8a9b8b797c994
- SHA256
  
  1ce3de79d76b57c636cffac04b9d6a53214165a5a36ba7910f297a9b4319aca1
- SHA512
  
  d8cb2078d63aa9a165247b4eb6a3bd3dd3923fe0fca8fc8ee708b41290fd0fa23e82d65122ab4128ecbe299bfd57a8934ede4459c5cb98f16fea07f143c28068
- SSDEEP
  
  12288:EdukM8siHAHvKb6+8DZk32IKhls0bwVnWlC9KKP7yIl3Tpg5LwPfU2hCw9txil1:7OAHvM6Pm3L8wVWYIKT76xAU246tcl1
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2