cdebb918ba119b3f04021c02d816913383303dba574a886425cd175049495cd7 | Triage

Sharing

General

Target

cdebb918ba119b3f04021c02d816913383303dba574a886425cd175049495cd7
Size

811KB
Sample

221124-nj7tssag52
MD5

69bba1aed3d398733746a619f96aa0a4
SHA1

cb29b2e9358b9ff3391746543b88c224f4ccd1cb
SHA256

cdebb918ba119b3f04021c02d816913383303dba574a886425cd175049495cd7
SHA512

61b9099c69636d6ef329841c7bab7b5e18b2619f13742e935d69499f416386f336ee6eacfcf824c596f3a8a60a72b7316ddb0adb2197fb9be6c31ddb25515900
SSDEEP

12288:MHLo7ajKHVr7ArqNZ2nFAv1/ufKdbHWn1wwobhQmB9GeXST6Nxe+uMozZo8k:SQdNUK1/ugHK1DobCmLYVdZo8k

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  cdebb918ba119b3f04021c02d816913383303dba574a886425cd175049495cd7
- Size
  
  811KB
- MD5
  
  69bba1aed3d398733746a619f96aa0a4
- SHA1
  
  cb29b2e9358b9ff3391746543b88c224f4ccd1cb
- SHA256
  
  cdebb918ba119b3f04021c02d816913383303dba574a886425cd175049495cd7
- SHA512
  
  61b9099c69636d6ef329841c7bab7b5e18b2619f13742e935d69499f416386f336ee6eacfcf824c596f3a8a60a72b7316ddb0adb2197fb9be6c31ddb25515900
- SSDEEP
  
  12288:MHLo7ajKHVr7ArqNZ2nFAv1/ufKdbHWn1wwobhQmB9GeXST6Nxe+uMozZo8k:SQdNUK1/ugHK1DobCmLYVdZo8k
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan