4b24f88cb3672c0c8b0a2d39e52a665a698e40fae9ff0e2930cabb253ee9967d | Triage

Sharing

General

Target

4b24f88cb3672c0c8b0a2d39e52a665a698e40fae9ff0e2930cabb253ee9967d
Size

820KB
Sample

221123-3dqqnacb57
MD5

c141118d673dbf1ed08365de89f9c66e
SHA1

81a06e8b2d272ae698366c12e4c8a6d0c4ac7fae
SHA256

4b24f88cb3672c0c8b0a2d39e52a665a698e40fae9ff0e2930cabb253ee9967d
SHA512

d529440a8099f437f048c4b4d3c03ed9f955ef37ebc399f17d9aa3ecdf3869b9d33f5cac8612522421b3b2914f4a6bac334031b73fad8cffc383923e66d8bb1a
SSDEEP

12288:z1gkMVssiOGsbqgCIdK+cHqZLZul2zld1dn+jDbcRXwxsYq33YT6ZfPJY8iC:z1cGsbhCDULS2Rd1deYgs3tP+8iC

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  4b24f88cb3672c0c8b0a2d39e52a665a698e40fae9ff0e2930cabb253ee9967d
- Size
  
  820KB
- MD5
  
  c141118d673dbf1ed08365de89f9c66e
- SHA1
  
  81a06e8b2d272ae698366c12e4c8a6d0c4ac7fae
- SHA256
  
  4b24f88cb3672c0c8b0a2d39e52a665a698e40fae9ff0e2930cabb253ee9967d
- SHA512
  
  d529440a8099f437f048c4b4d3c03ed9f955ef37ebc399f17d9aa3ecdf3869b9d33f5cac8612522421b3b2914f4a6bac334031b73fad8cffc383923e66d8bb1a
- SSDEEP
  
  12288:z1gkMVssiOGsbqgCIdK+cHqZLZul2zld1dn+jDbcRXwxsYq33YT6ZfPJY8iC:z1cGsbhCDULS2Rd1deYgs3tP+8iC
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan