f82ddc908fb177e5c8c13dad6f5120cd060bbe06a104488de0c60f4f31d30a1d | Triage

Sharing

General

Target

f82ddc908fb177e5c8c13dad6f5120cd060bbe06a104488de0c60f4f31d30a1d
Size

814KB
Sample

221124-g5zlzshb5y
MD5

32f482b2f0d032a6d677f43affa1a318
SHA1

3173c092e862bd494748ee31b4b0e87aff37b799
SHA256

f82ddc908fb177e5c8c13dad6f5120cd060bbe06a104488de0c60f4f31d30a1d
SHA512

23d68173d026f996acc1f815eb16136d262bb8b7504aa61df19a829b0bf17a4ef290fa050b4cb8d7f4d40b0986b32a77beacfd00a95aea09f5e7bf50666dfdb0
SSDEEP

24576:d8S93gWS1FnhsJWoeRAxdEUGrYFmiH/M7vb:d8w6zhsJOAxCNrtiHsb

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  f82ddc908fb177e5c8c13dad6f5120cd060bbe06a104488de0c60f4f31d30a1d
- Size
  
  814KB
- MD5
  
  32f482b2f0d032a6d677f43affa1a318
- SHA1
  
  3173c092e862bd494748ee31b4b0e87aff37b799
- SHA256
  
  f82ddc908fb177e5c8c13dad6f5120cd060bbe06a104488de0c60f4f31d30a1d
- SHA512
  
  23d68173d026f996acc1f815eb16136d262bb8b7504aa61df19a829b0bf17a4ef290fa050b4cb8d7f4d40b0986b32a77beacfd00a95aea09f5e7bf50666dfdb0
- SSDEEP
  
  24576:d8S93gWS1FnhsJWoeRAxdEUGrYFmiH/M7vb:d8w6zhsJOAxCNrtiHsb
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan