fffd81e5c39d354a54a7d777df45fb9c7fd96f4b30da8ea1bb18415a1a00ec98 | Triage

Sharing

General

Target

fffd81e5c39d354a54a7d777df45fb9c7fd96f4b30da8ea1bb18415a1a00ec98
Size

822KB
Sample

221124-px7xdsea32
MD5

48ac6758c3aef4f817c46d47bad13796
SHA1

5d07c71312410559098cbe86ca9641201805cf48
SHA256

fffd81e5c39d354a54a7d777df45fb9c7fd96f4b30da8ea1bb18415a1a00ec98
SHA512

118fb174324cdbb395fd7494c777667e925333cbb75d7a0700ce3bc356a196425ce5a35923be73bfbff24ae7862c388bead24ace6495da98b2903429c3945e98
SSDEEP

24576:f3QgPUj7EgjkUSttrU2rqE+2NzK26Id5w/thpsy:v6XVSttrpFdNzp5d5wRsy

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  fffd81e5c39d354a54a7d777df45fb9c7fd96f4b30da8ea1bb18415a1a00ec98
- Size
  
  822KB
- MD5
  
  48ac6758c3aef4f817c46d47bad13796
- SHA1
  
  5d07c71312410559098cbe86ca9641201805cf48
- SHA256
  
  fffd81e5c39d354a54a7d777df45fb9c7fd96f4b30da8ea1bb18415a1a00ec98
- SHA512
  
  118fb174324cdbb395fd7494c777667e925333cbb75d7a0700ce3bc356a196425ce5a35923be73bfbff24ae7862c388bead24ace6495da98b2903429c3945e98
- SSDEEP
  
  24576:f3QgPUj7EgjkUSttrU2rqE+2NzK26Id5w/thpsy:v6XVSttrpFdNzp5d5wRsy
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan