ab7197b2514c427c4106f696f207e5d551737df35fd56afeaa4b2f547ba7138d | Triage

Sharing

General

Target

ab7197b2514c427c4106f696f207e5d551737df35fd56afeaa4b2f547ba7138d
Size

815KB
Sample

221107-lmax5acedj
MD5

3ff711f48ca8be3232e7c01f512bf664
SHA1

235a4e0d61e9a083bac588719f276cbca1cab50d
SHA256

ab7197b2514c427c4106f696f207e5d551737df35fd56afeaa4b2f547ba7138d
SHA512

876eb80000f539ed2368bca5f5d53e739a23cc8e32b70994b2cfe4642302eceda486da507d90a7c0547383f1f333fafeed70e71b219221df8564c315c638adfb
SSDEEP

12288:8iYC0KZiIZOxpu9q1c+ELEUSCm1RwAcTg9XTzhh1gMZgk5BH0sP7++zf8Cg7ZEP3:7zZV8w7U/B1aOPNOZEP8zlSjigEeDcO/

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ab7197b2514c427c4106f696f207e5d551737df35fd56afeaa4b2f547ba7138d
- Size
  
  815KB
- MD5
  
  3ff711f48ca8be3232e7c01f512bf664
- SHA1
  
  235a4e0d61e9a083bac588719f276cbca1cab50d
- SHA256
  
  ab7197b2514c427c4106f696f207e5d551737df35fd56afeaa4b2f547ba7138d
- SHA512
  
  876eb80000f539ed2368bca5f5d53e739a23cc8e32b70994b2cfe4642302eceda486da507d90a7c0547383f1f333fafeed70e71b219221df8564c315c638adfb
- SSDEEP
  
  12288:8iYC0KZiIZOxpu9q1c+ELEUSCm1RwAcTg9XTzhh1gMZgk5BH0sP7++zf8Cg7ZEP3:7zZV8w7U/B1aOPNOZEP8zlSjigEeDcO/
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan