130f7a2e3bac80a9ff6604440991b904137566f59a1975ebf2a39fa8cfbd8686 | Triage

Sharing

General

Target

130f7a2e3bac80a9ff6604440991b904137566f59a1975ebf2a39fa8cfbd8686
Size

871KB
Sample

221125-x3s97ahg29
MD5

f870708fe7eea31af8c5f87dc61c8bfa
SHA1

2a4e57e7eddcae04611eaf5b969bcc913ba7c358
SHA256

130f7a2e3bac80a9ff6604440991b904137566f59a1975ebf2a39fa8cfbd8686
SHA512

02adf067759833a05d26ef9241a53903fe7b3e5280009145414ac50de683cba4764110d478916ddea0a6ce27078bfd33d3061b1bb90f06f4ef2ba27a689f0c47
SSDEEP

24576:xEl5C4iWgQznKACSYPVBlmsEmiHSAzC7M/wH:iK4i2FYPk/HbcjH

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  130f7a2e3bac80a9ff6604440991b904137566f59a1975ebf2a39fa8cfbd8686
- Size
  
  871KB
- MD5
  
  f870708fe7eea31af8c5f87dc61c8bfa
- SHA1
  
  2a4e57e7eddcae04611eaf5b969bcc913ba7c358
- SHA256
  
  130f7a2e3bac80a9ff6604440991b904137566f59a1975ebf2a39fa8cfbd8686
- SHA512
  
  02adf067759833a05d26ef9241a53903fe7b3e5280009145414ac50de683cba4764110d478916ddea0a6ce27078bfd33d3061b1bb90f06f4ef2ba27a689f0c47
- SSDEEP
  
  24576:xEl5C4iWgQznKACSYPVBlmsEmiHSAzC7M/wH:iK4i2FYPk/HbcjH
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2