abea0f7a128c3f1066ce3e5f94bb6ef1f136f1942e0ac731b7b015b9d4cc6cc0 | Triage

Sharing

General

Target

abea0f7a128c3f1066ce3e5f94bb6ef1f136f1942e0ac731b7b015b9d4cc6cc0
Size

877KB
Sample

221124-eqdpvsgb96
MD5

24f29458105aab44f72e985830856f9b
SHA1

d7157472772fbb8bab417321fe8151925c795948
SHA256

abea0f7a128c3f1066ce3e5f94bb6ef1f136f1942e0ac731b7b015b9d4cc6cc0
SHA512

23128d26267590ce1fbac567e7818f8e9244498b17707c853c6a363c8d9ecca04ce606d4dc9b699d0bb54beae2f74e847cfe0a9e78b5f4f90ad045770baf40f5
SSDEEP

24576:MoLRdW3L8r/QmtqsC8W1gnfRYGBlt7rtCmnUS:MSYIrQoMunfNhJBUS

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  abea0f7a128c3f1066ce3e5f94bb6ef1f136f1942e0ac731b7b015b9d4cc6cc0
- Size
  
  877KB
- MD5
  
  24f29458105aab44f72e985830856f9b
- SHA1
  
  d7157472772fbb8bab417321fe8151925c795948
- SHA256
  
  abea0f7a128c3f1066ce3e5f94bb6ef1f136f1942e0ac731b7b015b9d4cc6cc0
- SHA512
  
  23128d26267590ce1fbac567e7818f8e9244498b17707c853c6a363c8d9ecca04ce606d4dc9b699d0bb54beae2f74e847cfe0a9e78b5f4f90ad045770baf40f5
- SSDEEP
  
  24576:MoLRdW3L8r/QmtqsC8W1gnfRYGBlt7rtCmnUS:MSYIrQoMunfNhJBUS
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2