ac19d0b03a765370830aee6d390a256916031e9790c20ae033e3882acf766b17 | Triage

Sharing

General

Target

ac19d0b03a765370830aee6d390a256916031e9790c20ae033e3882acf766b17
Size

914KB
Sample

221124-cnes2aah88
MD5

089d48d06b670e653d04c8d17d1a77e8
SHA1

1c920817608966b50dc55d94be9468ab2b3ab952
SHA256

ac19d0b03a765370830aee6d390a256916031e9790c20ae033e3882acf766b17
SHA512

e15097758c23ba6fa147daca651276e6d8ce966e71b83e3a76b33b6277501c4e2cf366ce97c5b70a63eb50e2f31e36f55e622ffd0a868aaa6c31087f66a95a4d
SSDEEP

24576:mWfcRhqMUYBjGRkZek2SzOX+th+/N1oRkwzP:LIqMU/RkZen51oR5P

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ac19d0b03a765370830aee6d390a256916031e9790c20ae033e3882acf766b17
- Size
  
  914KB
- MD5
  
  089d48d06b670e653d04c8d17d1a77e8
- SHA1
  
  1c920817608966b50dc55d94be9468ab2b3ab952
- SHA256
  
  ac19d0b03a765370830aee6d390a256916031e9790c20ae033e3882acf766b17
- SHA512
  
  e15097758c23ba6fa147daca651276e6d8ce966e71b83e3a76b33b6277501c4e2cf366ce97c5b70a63eb50e2f31e36f55e622ffd0a868aaa6c31087f66a95a4d
- SSDEEP
  
  24576:mWfcRhqMUYBjGRkZek2SzOX+th+/N1oRkwzP:LIqMU/RkZen51oR5P
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2