b82b578eae9a069b8a9c89a363b33b8e76d0b1856145b9c690da30f37382cd1b | Triage

Sharing

General

Target

b82b578eae9a069b8a9c89a363b33b8e76d0b1856145b9c690da30f37382cd1b
Size

813KB
Sample

221124-n323naca63
MD5

efda10aa49dddde90e9bc232e270a923
SHA1

0162e98983b04004813ccde26b60b2b2cfadfe2f
SHA256

b82b578eae9a069b8a9c89a363b33b8e76d0b1856145b9c690da30f37382cd1b
SHA512

6ab3fe3908c802dc353af4d73ae08fd84dcccb4478b7e2675693014c0d4fc17ce9ac9656eb4380d395ff91f27d580fd6091fdd4c4d8254aa2bba308114f2c524
SSDEEP

12288:QXUToJHeCiiQnoM6V/u9GXxyEYnQc9HwKOdhQG0j+WeLwMe2erI6bIGwkAf1+H0/:Al9Q829rPKez+mq76cPk1J8X

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b82b578eae9a069b8a9c89a363b33b8e76d0b1856145b9c690da30f37382cd1b
- Size
  
  813KB
- MD5
  
  efda10aa49dddde90e9bc232e270a923
- SHA1
  
  0162e98983b04004813ccde26b60b2b2cfadfe2f
- SHA256
  
  b82b578eae9a069b8a9c89a363b33b8e76d0b1856145b9c690da30f37382cd1b
- SHA512
  
  6ab3fe3908c802dc353af4d73ae08fd84dcccb4478b7e2675693014c0d4fc17ce9ac9656eb4380d395ff91f27d580fd6091fdd4c4d8254aa2bba308114f2c524
- SSDEEP
  
  12288:QXUToJHeCiiQnoM6V/u9GXxyEYnQc9HwKOdhQG0j+WeLwMe2erI6bIGwkAf1+H0/:Al9Q829rPKez+mq76cPk1J8X
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan