3bd71162047fe46453f28c709cf909a4d034c5752b6fd8d4a607ecef9051ef53 | Triage

Sharing

General

Target

3bd71162047fe46453f28c709cf909a4d034c5752b6fd8d4a607ecef9051ef53
Size

890KB
Sample

221124-l1z46sac51
MD5

cd1ac199fcb1ca277e9c2f66e01722ef
SHA1

9f2c2fc79c4f07357e9215c2da8dc8b03949cb67
SHA256

3bd71162047fe46453f28c709cf909a4d034c5752b6fd8d4a607ecef9051ef53
SHA512

266431d4cd3811777ef1f46b09c420959d8e067581c5ff83e017e7a3f027035c3f0fb36bdab5e48baee3e2339917321b77b674a8b7ee1d57c5d05deb82feb2fb
SSDEEP

12288:DX+06tuHw2/n4xwaVRCYhFIiNJc+EhgWJTgFOvqm7lQ3/JeS2qjpqo5ywNXuZvFy:r632/OhOWmWYCMCkZoq9uXGQczy6mTWg

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  3bd71162047fe46453f28c709cf909a4d034c5752b6fd8d4a607ecef9051ef53
- Size
  
  890KB
- MD5
  
  cd1ac199fcb1ca277e9c2f66e01722ef
- SHA1
  
  9f2c2fc79c4f07357e9215c2da8dc8b03949cb67
- SHA256
  
  3bd71162047fe46453f28c709cf909a4d034c5752b6fd8d4a607ecef9051ef53
- SHA512
  
  266431d4cd3811777ef1f46b09c420959d8e067581c5ff83e017e7a3f027035c3f0fb36bdab5e48baee3e2339917321b77b674a8b7ee1d57c5d05deb82feb2fb
- SSDEEP
  
  12288:DX+06tuHw2/n4xwaVRCYhFIiNJc+EhgWJTgFOvqm7lQ3/JeS2qjpqo5ywNXuZvFy:r632/OhOWmWYCMCkZoq9uXGQczy6mTWg
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2