c749a6444c3792947634ea1f0fc4868d89b0752a993e34d3e8f7be6e8058e12b | Triage

Sharing

General

Target

c749a6444c3792947634ea1f0fc4868d89b0752a993e34d3e8f7be6e8058e12b
Size

865KB
Sample

221124-gdlk2sfd5t
MD5

df120fb9155db72f4d6ae86ed29e3b18
SHA1

70c1ae0cb1531e372b3c1436b31f7897a7750ee5
SHA256

c749a6444c3792947634ea1f0fc4868d89b0752a993e34d3e8f7be6e8058e12b
SHA512

217fb4551f8d1f55ba69d636a2768ff7ea7e1ff1036e6bfcf1e757091dbf0177eea1ff1bb11be9891874be35eec5a5940566121693d7bae73a632d1581d3e18d
SSDEEP

24576:j+Jxf4KAvCV4jC0eyj44LL1DY1ZBjn9Ujjx3L23:j+7f4nd+0NpLpDujn9Kdi3

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  c749a6444c3792947634ea1f0fc4868d89b0752a993e34d3e8f7be6e8058e12b
- Size
  
  865KB
- MD5
  
  df120fb9155db72f4d6ae86ed29e3b18
- SHA1
  
  70c1ae0cb1531e372b3c1436b31f7897a7750ee5
- SHA256
  
  c749a6444c3792947634ea1f0fc4868d89b0752a993e34d3e8f7be6e8058e12b
- SHA512
  
  217fb4551f8d1f55ba69d636a2768ff7ea7e1ff1036e6bfcf1e757091dbf0177eea1ff1bb11be9891874be35eec5a5940566121693d7bae73a632d1581d3e18d
- SSDEEP
  
  24576:j+Jxf4KAvCV4jC0eyj44LL1DY1ZBjn9Ujjx3L23:j+7f4nd+0NpLpDujn9Kdi3
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan