b0d97e7feeee703fd843ff0a8b7ff628741c2dbc65e82d72d5fc0baadfc988e7 | Triage

Sharing

General

Target

b0d97e7feeee703fd843ff0a8b7ff628741c2dbc65e82d72d5fc0baadfc988e7
Size

810KB
Sample

221125-raapgsce32
MD5

4127aede6f16ff29f0aa2e07bf8cc974
SHA1

6c78fe26650d3e63e2340022ece3fdb0944d94fd
SHA256

b0d97e7feeee703fd843ff0a8b7ff628741c2dbc65e82d72d5fc0baadfc988e7
SHA512

f176bb65fc531176882b36e6aca068baffee1539de8eb0c431b940f113631ef6e2e3b3f1280d552fb85f171665dd5a912c7e54593857392bf797bc9c8f837e0f
SSDEEP

24576:YtiSLkhcW53HU2rYX3+98Iyv4NUN40BlPddwc2wxOK:Yg0khv9kQJqN40z1d79UK

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b0d97e7feeee703fd843ff0a8b7ff628741c2dbc65e82d72d5fc0baadfc988e7
- Size
  
  810KB
- MD5
  
  4127aede6f16ff29f0aa2e07bf8cc974
- SHA1
  
  6c78fe26650d3e63e2340022ece3fdb0944d94fd
- SHA256
  
  b0d97e7feeee703fd843ff0a8b7ff628741c2dbc65e82d72d5fc0baadfc988e7
- SHA512
  
  f176bb65fc531176882b36e6aca068baffee1539de8eb0c431b940f113631ef6e2e3b3f1280d552fb85f171665dd5a912c7e54593857392bf797bc9c8f837e0f
- SSDEEP
  
  24576:YtiSLkhcW53HU2rYX3+98Iyv4NUN40BlPddwc2wxOK:Yg0khv9kQJqN40z1d79UK
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan