fa62458809c352b2bd169761b7e443907992f22f99de2f70a4f01e6dfbc58389 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa62458809c352b2bd169761b7e443907992f22f99de2f70a4f01e6dfbc58389
Size

855KB
Sample

221123-19exxscd4v
MD5

1a064decb7394cd161e94139d0f7d447
SHA1

0764b396c97bcca65255684193c31a1ff7fe5e33
SHA256

fa62458809c352b2bd169761b7e443907992f22f99de2f70a4f01e6dfbc58389
SHA512

abc1aaba719d26653e403ef752f1919422fcfcfe1dc00fc9122c83fc17edac98cb7f6d91b376eb3685abc6e7530ba7531556bb53be4134535517cb5c6fec894f
SSDEEP

12288:kV4/avQh9NklU6yTVanTWp6idv+4YcsJvrET5qH3vCxrn/w0SC0K2yd/bso:S4/a+N47TWp6iv+4YDBrE8a27CTnd/Ao

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  fa62458809c352b2bd169761b7e443907992f22f99de2f70a4f01e6dfbc58389
- Size
  
  855KB
- MD5
  
  1a064decb7394cd161e94139d0f7d447
- SHA1
  
  0764b396c97bcca65255684193c31a1ff7fe5e33
- SHA256
  
  fa62458809c352b2bd169761b7e443907992f22f99de2f70a4f01e6dfbc58389
- SHA512
  
  abc1aaba719d26653e403ef752f1919422fcfcfe1dc00fc9122c83fc17edac98cb7f6d91b376eb3685abc6e7530ba7531556bb53be4134535517cb5c6fec894f
- SSDEEP
  
  12288:kV4/avQh9NklU6yTVanTWp6idv+4YcsJvrET5qH3vCxrn/w0SC0K2yd/bso:S4/a+N47TWp6iv+4YDBrE8a27CTnd/Ao
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan