3b16c5de1e5cf2051621655d549dd72880a03368bc7ff801484ebf541bf7e1ec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b16c5de1e5cf2051621655d549dd72880a03368bc7ff801484ebf541bf7e1ec
Size

856KB
Sample

221123-3glacacd68
MD5

d5f61391ed1ab3514f46fab857389b4b
SHA1

1a06dff38d18af7945217145a9f4caf6b5e33c1c
SHA256

3b16c5de1e5cf2051621655d549dd72880a03368bc7ff801484ebf541bf7e1ec
SHA512

db0520c0679300cc0a8a42f2dad28d49c011a02b7271afd595ffa67b13a0cf06f7e83a16a212dfb36967b58999dd34db5430493cc94ffe4e56637c12fd2bca1b
SSDEEP

24576:NxSnqcBXGh9NI7adAd3m0ZFmxs2e3fIeHuuK:vSnqcBa9Kee1nF2e3fIs3K

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  3b16c5de1e5cf2051621655d549dd72880a03368bc7ff801484ebf541bf7e1ec
- Size
  
  856KB
- MD5
  
  d5f61391ed1ab3514f46fab857389b4b
- SHA1
  
  1a06dff38d18af7945217145a9f4caf6b5e33c1c
- SHA256
  
  3b16c5de1e5cf2051621655d549dd72880a03368bc7ff801484ebf541bf7e1ec
- SHA512
  
  db0520c0679300cc0a8a42f2dad28d49c011a02b7271afd595ffa67b13a0cf06f7e83a16a212dfb36967b58999dd34db5430493cc94ffe4e56637c12fd2bca1b
- SSDEEP
  
  24576:NxSnqcBXGh9NI7adAd3m0ZFmxs2e3fIeHuuK:vSnqcBa9Kee1nF2e3fIs3K
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan