a87ea2be74e45e33687df1d09e9e45f460edeadeef1ccb10cbf099e2bd17ccf9 | Triage

Sharing

General

Target

a87ea2be74e45e33687df1d09e9e45f460edeadeef1ccb10cbf099e2bd17ccf9
Size

815KB
Sample

221124-ltdycseg79
MD5

df72bd4e52f015ca8246d942c4983f72
SHA1

38a1510d398e4ea201d07a3b40fd4400c94a3542
SHA256

a87ea2be74e45e33687df1d09e9e45f460edeadeef1ccb10cbf099e2bd17ccf9
SHA512

2a90b12f4f1ce9ab1e977cfdea6e876774edbc8db6d2fe89b8fc83e4b33a26caebb6569a08fb99defa50de047fca42777cbc4b32a3d538507d1f641a3f664b8a
SSDEEP

24576:si0mMYdEwbnwg6xeldTUq8TpN3nmDR/MSIQY:sX8DwleP/o7XmZXY

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  a87ea2be74e45e33687df1d09e9e45f460edeadeef1ccb10cbf099e2bd17ccf9
- Size
  
  815KB
- MD5
  
  df72bd4e52f015ca8246d942c4983f72
- SHA1
  
  38a1510d398e4ea201d07a3b40fd4400c94a3542
- SHA256
  
  a87ea2be74e45e33687df1d09e9e45f460edeadeef1ccb10cbf099e2bd17ccf9
- SHA512
  
  2a90b12f4f1ce9ab1e977cfdea6e876774edbc8db6d2fe89b8fc83e4b33a26caebb6569a08fb99defa50de047fca42777cbc4b32a3d538507d1f641a3f664b8a
- SSDEEP
  
  24576:si0mMYdEwbnwg6xeldTUq8TpN3nmDR/MSIQY:sX8DwleP/o7XmZXY
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2