615ba8e054fb3f6a85708820b31b2fc19462752f1e798289ac15c902126ffa91 | Triage

Sharing

General

Target

615ba8e054fb3f6a85708820b31b2fc19462752f1e798289ac15c902126ffa91
Size

804KB
Sample

221124-pw2zraha8v
MD5

f318c86f9984b9991dd0f47e0775b275
SHA1

2662c2db9587db2f00a1fbce7ef655fafd51e5e5
SHA256

615ba8e054fb3f6a85708820b31b2fc19462752f1e798289ac15c902126ffa91
SHA512

5b703508b488f38a919d2eae15d8d85b35609359e635bb9e9ac7ff1216d63838ee93b380b74b627162f22b5193d18f54bb6ab8423dd6ffdd57229cd997026647
SSDEEP

24576:Fad4oCbpD2AF0cNhkkx2UdN4qRk7UJ6z8D4:FrBP0cUkXdN5k7UQc4

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  615ba8e054fb3f6a85708820b31b2fc19462752f1e798289ac15c902126ffa91
- Size
  
  804KB
- MD5
  
  f318c86f9984b9991dd0f47e0775b275
- SHA1
  
  2662c2db9587db2f00a1fbce7ef655fafd51e5e5
- SHA256
  
  615ba8e054fb3f6a85708820b31b2fc19462752f1e798289ac15c902126ffa91
- SHA512
  
  5b703508b488f38a919d2eae15d8d85b35609359e635bb9e9ac7ff1216d63838ee93b380b74b627162f22b5193d18f54bb6ab8423dd6ffdd57229cd997026647
- SSDEEP
  
  24576:Fad4oCbpD2AF0cNhkkx2UdN4qRk7UJ6z8D4:FrBP0cUkXdN5k7UQc4
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan