ab55236162b38342e16ecd0e590c0252beb2ad596d42915bd43067d208583474 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ab55236162b38342e16ecd0e590c0252beb2ad596d42915bd43067d208583474
Size

1.0MB
Sample

221107-ms95vacbb7
MD5

0f1610b94b757b38902a2c933622f525
SHA1

1c3687d1bedd817a0b0df053bb16662ff5ae0fa4
SHA256

ab55236162b38342e16ecd0e590c0252beb2ad596d42915bd43067d208583474
SHA512

75a1abd75f86feec3fade768d807e9ae2fb8acfb5847d7d8a80f9b935e43b448d9e625ec43bb766e78220fe05f79c872c282701a145f36811f86ea4d6d0e4844
SSDEEP

12288:VGkiM218EeXgcmwtSwLZtkINQ8vVqInJOOGSibISCio3fDYjXggjVODGbc1fxM3I:V3i518Ee0OV2tTIdioML7kgsM3CB

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ab55236162b38342e16ecd0e590c0252beb2ad596d42915bd43067d208583474
- Size
  
  1.0MB
- MD5
  
  0f1610b94b757b38902a2c933622f525
- SHA1
  
  1c3687d1bedd817a0b0df053bb16662ff5ae0fa4
- SHA256
  
  ab55236162b38342e16ecd0e590c0252beb2ad596d42915bd43067d208583474
- SHA512
  
  75a1abd75f86feec3fade768d807e9ae2fb8acfb5847d7d8a80f9b935e43b448d9e625ec43bb766e78220fe05f79c872c282701a145f36811f86ea4d6d0e4844
- SSDEEP
  
  12288:VGkiM218EeXgcmwtSwLZtkINQ8vVqInJOOGSibISCio3fDYjXggjVODGbc1fxM3I:V3i518Ee0OV2tTIdioML7kgsM3CB
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan