180b7940ec29883cb88479ff27b71664efe3810101909839d3c79d0d9a067124 | Triage

Sharing

General

Target

180b7940ec29883cb88479ff27b71664efe3810101909839d3c79d0d9a067124
Size

812KB
Sample

221123-3qbr9sda37
MD5

fd103b864b92da202da755f3bda3aceb
SHA1

7906042b21754cdbc4610c5263c763625ce815a1
SHA256

180b7940ec29883cb88479ff27b71664efe3810101909839d3c79d0d9a067124
SHA512

1c6d5487128456dafdb67ce6b0ceafa997584fa796a072edcbf10e450a183f24c4cba2a79c945e79bd42e1b5c9d2b5f12ccd71a725c4b514f74aef1144189b20
SSDEEP

24576:I/1fMXo9OldCKa5+2rfAoKtWDG5d/RCpZAFHWpEeirLXvBh3:I/10Dx+AoKtiGLZCCHYNs3

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  180b7940ec29883cb88479ff27b71664efe3810101909839d3c79d0d9a067124
- Size
  
  812KB
- MD5
  
  fd103b864b92da202da755f3bda3aceb
- SHA1
  
  7906042b21754cdbc4610c5263c763625ce815a1
- SHA256
  
  180b7940ec29883cb88479ff27b71664efe3810101909839d3c79d0d9a067124
- SHA512
  
  1c6d5487128456dafdb67ce6b0ceafa997584fa796a072edcbf10e450a183f24c4cba2a79c945e79bd42e1b5c9d2b5f12ccd71a725c4b514f74aef1144189b20
- SSDEEP
  
  24576:I/1fMXo9OldCKa5+2rfAoKtWDG5d/RCpZAFHWpEeirLXvBh3:I/10Dx+AoKtiGLZCCHYNs3
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan