ba2b007e9481e6e448a9f0462b16b34cf5ec518887c31ecc3a138b2fd9a162eb | Triage

Sharing

General

Target

ba2b007e9481e6e448a9f0462b16b34cf5ec518887c31ecc3a138b2fd9a162eb
Size

814KB
Sample

221123-2pam5sad72
MD5

d1e4a06856e3f2d3f2351a0cafd2f9d2
SHA1

e2b1b965c2476f62d3e76b969c31057ea456d6a4
SHA256

ba2b007e9481e6e448a9f0462b16b34cf5ec518887c31ecc3a138b2fd9a162eb
SHA512

259302e9d2864f4b5ce5d6700e8f0f4b2553ba0f8994ba8c814f38b91554a8d0cbe8bacc213b4122e651bdfea91a73c6283c1d91c6067f15eb490d9a45aaa2b6
SSDEEP

24576:LJ693gWQ7Rn8LbZnOIu7KHNQbGaymAJuu2vvM:LJoIKk57+NQSfaM

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ba2b007e9481e6e448a9f0462b16b34cf5ec518887c31ecc3a138b2fd9a162eb
- Size
  
  814KB
- MD5
  
  d1e4a06856e3f2d3f2351a0cafd2f9d2
- SHA1
  
  e2b1b965c2476f62d3e76b969c31057ea456d6a4
- SHA256
  
  ba2b007e9481e6e448a9f0462b16b34cf5ec518887c31ecc3a138b2fd9a162eb
- SHA512
  
  259302e9d2864f4b5ce5d6700e8f0f4b2553ba0f8994ba8c814f38b91554a8d0cbe8bacc213b4122e651bdfea91a73c6283c1d91c6067f15eb490d9a45aaa2b6
- SSDEEP
  
  24576:LJ693gWQ7Rn8LbZnOIu7KHNQbGaymAJuu2vvM:LJoIKk57+NQSfaM
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan