ac0d61551f2761b281c19603a45a3583db8579482956ee50b323249dd8f98a5c | Triage

Sharing

General

Target

ac0d61551f2761b281c19603a45a3583db8579482956ee50b323249dd8f98a5c
Size

792KB
Sample

221124-c6cfmacb39
MD5

362522a889f67f311c17a2949a4ddddb
SHA1

3167eadbd8d6a6d9ea56a39143f284a888ca3696
SHA256

ac0d61551f2761b281c19603a45a3583db8579482956ee50b323249dd8f98a5c
SHA512

4d6732520ddc990a432cfe186a2a5b1a5f7cc1a61beae52f96d3ddaed87775d98a85cfc3ef5d9fd0bddf89d993a73fc238eff7ff81c0a4d2c5bda2a5fbec6db5
SSDEEP

24576:NBqEZoMloxvrJRf41tx9/96fpQTjJ31I/ZLOGoG:NkEqMloPRwt3M/ZOG

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ac0d61551f2761b281c19603a45a3583db8579482956ee50b323249dd8f98a5c
- Size
  
  792KB
- MD5
  
  362522a889f67f311c17a2949a4ddddb
- SHA1
  
  3167eadbd8d6a6d9ea56a39143f284a888ca3696
- SHA256
  
  ac0d61551f2761b281c19603a45a3583db8579482956ee50b323249dd8f98a5c
- SHA512
  
  4d6732520ddc990a432cfe186a2a5b1a5f7cc1a61beae52f96d3ddaed87775d98a85cfc3ef5d9fd0bddf89d993a73fc238eff7ff81c0a4d2c5bda2a5fbec6db5
- SSDEEP
  
  24576:NBqEZoMloxvrJRf41tx9/96fpQTjJ31I/ZLOGoG:NkEqMloPRwt3M/ZOG
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan