f2d62c6275110f2031c1aab78170f2f9075fdd08bcdafe8c9539c4297786841e | Triage

Sharing

General

Target

f2d62c6275110f2031c1aab78170f2f9075fdd08bcdafe8c9539c4297786841e
Size

816KB
Sample

221124-gafwdsfb6z
MD5

8894f1d96dfdd174b9929089a58b3425
SHA1

7ee5672ff67bb1b76d9b76d0569ac0c514e1664e
SHA256

f2d62c6275110f2031c1aab78170f2f9075fdd08bcdafe8c9539c4297786841e
SHA512

ff724c65c99c856d89a2c820e51e4587f6fc1fd012a3c74720198e86dc50e280da27e7617796cf3ee729a5189e74e536b8e499d9c51f0a4965f20fc4cf82c0fe
SSDEEP

12288:LnCm/imvJN5x6YFGIN6QIlu/mk/zcal5mc4oF7XTIHn2oglxwxTTMTmFWDdsqBxY:L1H6QIkuk/tmcjPQnIExfCDd/BxXo

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  f2d62c6275110f2031c1aab78170f2f9075fdd08bcdafe8c9539c4297786841e
- Size
  
  816KB
- MD5
  
  8894f1d96dfdd174b9929089a58b3425
- SHA1
  
  7ee5672ff67bb1b76d9b76d0569ac0c514e1664e
- SHA256
  
  f2d62c6275110f2031c1aab78170f2f9075fdd08bcdafe8c9539c4297786841e
- SHA512
  
  ff724c65c99c856d89a2c820e51e4587f6fc1fd012a3c74720198e86dc50e280da27e7617796cf3ee729a5189e74e536b8e499d9c51f0a4965f20fc4cf82c0fe
- SSDEEP
  
  12288:LnCm/imvJN5x6YFGIN6QIlu/mk/zcal5mc4oF7XTIHn2oglxwxTTMTmFWDdsqBxY:L1H6QIkuk/tmcjPQnIExfCDd/BxXo
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan