0c988575222152104872c0e1e9051fe234f76c039be1074f6a6e2dd57fde8015 | Triage

Sharing

General

Target

0c988575222152104872c0e1e9051fe234f76c039be1074f6a6e2dd57fde8015
Size

833KB
Sample

221124-gmq7wsda42
MD5

d061eb01c5259cc9bc29d18b75a7bbfd
SHA1

d746326dce9fcfa8bb89e37dc61f09010f6adca5
SHA256

0c988575222152104872c0e1e9051fe234f76c039be1074f6a6e2dd57fde8015
SHA512

bb065e18a4bb122e078f4015c136fc1ffe15cfdcf92d716044a1d3511a58c49ec612804a12443ddd138d4ee7c53bffb2ad94a00498d42a1847aa412c64c6676a
SSDEEP

24576:InjUCT2D5dj5jP00erA2HHHQ+F1nXFGPNHv1hfkws:InPQ57j80cHQ+PnXFGPF1hfLs

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  0c988575222152104872c0e1e9051fe234f76c039be1074f6a6e2dd57fde8015
- Size
  
  833KB
- MD5
  
  d061eb01c5259cc9bc29d18b75a7bbfd
- SHA1
  
  d746326dce9fcfa8bb89e37dc61f09010f6adca5
- SHA256
  
  0c988575222152104872c0e1e9051fe234f76c039be1074f6a6e2dd57fde8015
- SHA512
  
  bb065e18a4bb122e078f4015c136fc1ffe15cfdcf92d716044a1d3511a58c49ec612804a12443ddd138d4ee7c53bffb2ad94a00498d42a1847aa412c64c6676a
- SSDEEP
  
  24576:InjUCT2D5dj5jP00erA2HHHQ+F1nXFGPNHv1hfkws:InPQ57j80cHQ+PnXFGPF1hfLs
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan