ac0e8ba3b0b7484a208f20c7d89efdd94b7f7704c6fbeb9220fef410b35b486d | Triage

Sharing

General

Target

ac0e8ba3b0b7484a208f20c7d89efdd94b7f7704c6fbeb9220fef410b35b486d
Size

684KB
Sample

221124-c44r4afc8s
MD5

6d0f77fbdf7a7b8f539d9cdbf40a07ab
SHA1

461bf7a05378c0b5c9af1cf2139c96058191eae9
SHA256

ac0e8ba3b0b7484a208f20c7d89efdd94b7f7704c6fbeb9220fef410b35b486d
SHA512

e304e2ecf5b238d9380d3cd8fd9b9eb7c4df102aeac0128ed167c32f370d176474b5e1c73956e47de2652d8adea496b123b905ed9a423b2007626ced7a792f5c
SSDEEP

12288:1/ZqsC9Pa6P8Xu+Y0+4Kk3R61B0iYWfJWCMQHxvZj3uHcwTIfM1GjT9AlK:1sD18Xa1A3YBZffJWCNhjeFTIfMUvOlK

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ac0e8ba3b0b7484a208f20c7d89efdd94b7f7704c6fbeb9220fef410b35b486d
- Size
  
  684KB
- MD5
  
  6d0f77fbdf7a7b8f539d9cdbf40a07ab
- SHA1
  
  461bf7a05378c0b5c9af1cf2139c96058191eae9
- SHA256
  
  ac0e8ba3b0b7484a208f20c7d89efdd94b7f7704c6fbeb9220fef410b35b486d
- SHA512
  
  e304e2ecf5b238d9380d3cd8fd9b9eb7c4df102aeac0128ed167c32f370d176474b5e1c73956e47de2652d8adea496b123b905ed9a423b2007626ced7a792f5c
- SSDEEP
  
  12288:1/ZqsC9Pa6P8Xu+Y0+4Kk3R61B0iYWfJWCMQHxvZj3uHcwTIfM1GjT9AlK:1sD18Xa1A3YBZffJWCNhjeFTIfMUvOlK
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan