ab68f5c4e7267129b352f036ba4a2cbbf56e8df8cf9becc16961721f1b30d651 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab68f5c4e7267129b352f036ba4a2cbbf56e8df8cf9becc16961721f1b30d651
Size

843KB
Sample

221107-lzdvjsdbbr
MD5

64bc13fd5498bf749a073dac67f112ca
SHA1

37f6770c7d8bde1b6e7b2b373c3fc4d9802f1507
SHA256

ab68f5c4e7267129b352f036ba4a2cbbf56e8df8cf9becc16961721f1b30d651
SHA512

693fb805daadcbd4526da1e82aad40f6dc93b59e69aeaabd2bd9d65b1d938b47f18bea6b51265b834352e3497a71211fa743de5d871984c2139dd256eb30b770
SSDEEP

12288:vn1F3SR/3yS8IZ0R6z8k2lGyxD5InvG8C8pUkba5y0MAzwMbAWVEc4EMxeggve6q:vnj3IT2M+d8pnbaIazwMcEZHfm69PX4

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ab68f5c4e7267129b352f036ba4a2cbbf56e8df8cf9becc16961721f1b30d651
- Size
  
  843KB
- MD5
  
  64bc13fd5498bf749a073dac67f112ca
- SHA1
  
  37f6770c7d8bde1b6e7b2b373c3fc4d9802f1507
- SHA256
  
  ab68f5c4e7267129b352f036ba4a2cbbf56e8df8cf9becc16961721f1b30d651
- SHA512
  
  693fb805daadcbd4526da1e82aad40f6dc93b59e69aeaabd2bd9d65b1d938b47f18bea6b51265b834352e3497a71211fa743de5d871984c2139dd256eb30b770
- SSDEEP
  
  12288:vn1F3SR/3yS8IZ0R6z8k2lGyxD5InvG8C8pUkba5y0MAzwMbAWVEc4EMxeggve6q:vnj3IT2M+d8pnbaIazwMcEZHfm69PX4
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan