d19ac81b4a76cad7068ab9ece9411f167ebfca210e8972facfb9b2c00f2bb2af | Triage

Sharing

General

Target

d19ac81b4a76cad7068ab9ece9411f167ebfca210e8972facfb9b2c00f2bb2af
Size

878KB
Sample

221126-3hd8esgd4t
MD5

9c82f9c277f70a416f52040f1e7f691b
SHA1

aad31c2763c39ef2d50957c6cb3bcd8f4b9a90a6
SHA256

d19ac81b4a76cad7068ab9ece9411f167ebfca210e8972facfb9b2c00f2bb2af
SHA512

483f4f665a8a525e9b0020a65c8f338490cd73b763cc7387e9bf240769786ef1d9a4d1dbd1da4d7a0cf360291af246c8456ac81ebfd35d44aee980214e93e476
SSDEEP

12288:CkMy1XMipSO+EAfs1E559Oh5RaH5M9riBxUVN1yjiyth5886H3z1ug/AFruWRkH:Ck5+A1ET45Rc5/xUp0in86Hf/AFiWRkH

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  d19ac81b4a76cad7068ab9ece9411f167ebfca210e8972facfb9b2c00f2bb2af
- Size
  
  878KB
- MD5
  
  9c82f9c277f70a416f52040f1e7f691b
- SHA1
  
  aad31c2763c39ef2d50957c6cb3bcd8f4b9a90a6
- SHA256
  
  d19ac81b4a76cad7068ab9ece9411f167ebfca210e8972facfb9b2c00f2bb2af
- SHA512
  
  483f4f665a8a525e9b0020a65c8f338490cd73b763cc7387e9bf240769786ef1d9a4d1dbd1da4d7a0cf360291af246c8456ac81ebfd35d44aee980214e93e476
- SSDEEP
  
  12288:CkMy1XMipSO+EAfs1E559Oh5RaH5M9riBxUVN1yjiyth5886H3z1ug/AFruWRkH:Ck5+A1ET45Rc5/xUp0in86Hf/AFiWRkH
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2