98a55a05d45eea5b36e138bec5cf0f67c37eb433579ce4d213eebb1a6f90d8ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98a55a05d45eea5b36e138bec5cf0f67c37eb433579ce4d213eebb1a6f90d8ea
Size

810KB
Sample

221123-2x9gfaeb6w
MD5

d827f54f07969e3106c06d70b6fb2c71
SHA1

c2be40f33bfba0391f7e579023e52c8dfd11920a
SHA256

98a55a05d45eea5b36e138bec5cf0f67c37eb433579ce4d213eebb1a6f90d8ea
SHA512

e9ba49f7619cde89732cc2115241daa06670e318cd976396dffc195697ec100c83fe176870daeae1f4931b49571c4c05183c57cec52e6d433fbe474d1c79e3f5
SSDEEP

12288:nOOYWFLNwrUzLasT0BcH2SQfZyzXJpn+Cv9tMEegEuRbvKK/qG22:sOlzLFTnH2S6ytt+EoIRbvnSG22

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  98a55a05d45eea5b36e138bec5cf0f67c37eb433579ce4d213eebb1a6f90d8ea
- Size
  
  810KB
- MD5
  
  d827f54f07969e3106c06d70b6fb2c71
- SHA1
  
  c2be40f33bfba0391f7e579023e52c8dfd11920a
- SHA256
  
  98a55a05d45eea5b36e138bec5cf0f67c37eb433579ce4d213eebb1a6f90d8ea
- SHA512
  
  e9ba49f7619cde89732cc2115241daa06670e318cd976396dffc195697ec100c83fe176870daeae1f4931b49571c4c05183c57cec52e6d433fbe474d1c79e3f5
- SSDEEP
  
  12288:nOOYWFLNwrUzLasT0BcH2SQfZyzXJpn+Cv9tMEegEuRbvKK/qG22:sOlzLFTnH2S6ytt+EoIRbvnSG22
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan