aae3d82380e72a18724ea184162dab97c3a9ba06c4d99dd179d633adc9660a5e | Triage

Sharing

General

Target

aae3d82380e72a18724ea184162dab97c3a9ba06c4d99dd179d633adc9660a5e
Size

855KB
Sample

221124-gyphfadf79
MD5

eeac9ad429fa7a60febe1f8de53aadcf
SHA1

062adee6533d9fd7222fdc78f3a6380315f55e5f
SHA256

aae3d82380e72a18724ea184162dab97c3a9ba06c4d99dd179d633adc9660a5e
SHA512

6100c84b316a1d434818d5b9834c9258db789cd1b443f3ed54fbc5e07353458d5707237a7980bed946e7e254f03c9ecb5c4595b1347f4dbfe9f1d02a0938b01a
SSDEEP

12288:/Z4/avQy9NU85lJj1zbt5JajDw3/D6p4lQfpLxVtJkmXpvFeKX3vux10ifCoYsF:R4/aXNU85lJ1fB2p42xLxr/n81TnpF

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  aae3d82380e72a18724ea184162dab97c3a9ba06c4d99dd179d633adc9660a5e
- Size
  
  855KB
- MD5
  
  eeac9ad429fa7a60febe1f8de53aadcf
- SHA1
  
  062adee6533d9fd7222fdc78f3a6380315f55e5f
- SHA256
  
  aae3d82380e72a18724ea184162dab97c3a9ba06c4d99dd179d633adc9660a5e
- SHA512
  
  6100c84b316a1d434818d5b9834c9258db789cd1b443f3ed54fbc5e07353458d5707237a7980bed946e7e254f03c9ecb5c4595b1347f4dbfe9f1d02a0938b01a
- SSDEEP
  
  12288:/Z4/avQy9NU85lJj1zbt5JajDw3/D6p4lQfpLxVtJkmXpvFeKX3vux10ifCoYsF:R4/aXNU85lJ1fB2p42xLxr/n81TnpF
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan