f4f9cb845ae501f4928879b1d0865496e2391532dc018585a8f0846f37d67665 | Triage

Sharing

General

Target

f4f9cb845ae501f4928879b1d0865496e2391532dc018585a8f0846f37d67665
Size

878KB
Sample

221125-xbmckafe39
MD5

3c1d05f208c2858ccfb0030767e5d358
SHA1

90dc70951c834c98ac8a5c3a07c9b2773b8d1da1
SHA256

f4f9cb845ae501f4928879b1d0865496e2391532dc018585a8f0846f37d67665
SHA512

b1df870fd06b469855114be4c92695f5dec85b7a20b8b71a11284c10412f7e50c3453a0b17901376aa7a0f4c0fec794426972b7bece0c51c528185e169801ece
SSDEEP

12288:ykky1vgygSO+EAfsJdCGYZwWKmlEAhLrXkTJnRvLqOcn7n+HUcF2nCbmk8:yki+AJ4udLAZI/vLqr7n+HULnCbmk8

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  f4f9cb845ae501f4928879b1d0865496e2391532dc018585a8f0846f37d67665
- Size
  
  878KB
- MD5
  
  3c1d05f208c2858ccfb0030767e5d358
- SHA1
  
  90dc70951c834c98ac8a5c3a07c9b2773b8d1da1
- SHA256
  
  f4f9cb845ae501f4928879b1d0865496e2391532dc018585a8f0846f37d67665
- SHA512
  
  b1df870fd06b469855114be4c92695f5dec85b7a20b8b71a11284c10412f7e50c3453a0b17901376aa7a0f4c0fec794426972b7bece0c51c528185e169801ece
- SSDEEP
  
  12288:ykky1vgygSO+EAfsJdCGYZwWKmlEAhLrXkTJnRvLqOcn7n+HUcF2nCbmk8:yki+AJ4udLAZI/vLqr7n+HULnCbmk8
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2