963e6b796571dd5d688317dd1d45eab37ab3aebcb9bd7ff61c8d8cc72b90624d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

963e6b796571dd5d688317dd1d45eab37ab3aebcb9bd7ff61c8d8cc72b90624d
Size

876KB
Sample

221126-3t8w6sdg88
MD5

9baa1d81d03dcc736c0f835530cadf0b
SHA1

b4c5ee82ef743dd67bbf4337665ffba9b2d6940c
SHA256

963e6b796571dd5d688317dd1d45eab37ab3aebcb9bd7ff61c8d8cc72b90624d
SHA512

e7c5281bcc02d391b9862eccf7d06886248fc6f09f2d7bda9cc4a68a6c62ae76e1b4b37295ac8bb3b03af84448ed3ba9ecdee0bfc0d0001217e11c89cd9643cd
SSDEEP

12288:jpLNNAVF856BKFbFkU9h4CI5QgndamL9qWaspzOvFJ1umBMCCVMoYsi6eDYfu:jt4FMgaFkW4P5939qlSuXQJecfu

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  963e6b796571dd5d688317dd1d45eab37ab3aebcb9bd7ff61c8d8cc72b90624d
- Size
  
  876KB
- MD5
  
  9baa1d81d03dcc736c0f835530cadf0b
- SHA1
  
  b4c5ee82ef743dd67bbf4337665ffba9b2d6940c
- SHA256
  
  963e6b796571dd5d688317dd1d45eab37ab3aebcb9bd7ff61c8d8cc72b90624d
- SHA512
  
  e7c5281bcc02d391b9862eccf7d06886248fc6f09f2d7bda9cc4a68a6c62ae76e1b4b37295ac8bb3b03af84448ed3ba9ecdee0bfc0d0001217e11c89cd9643cd
- SSDEEP
  
  12288:jpLNNAVF856BKFbFkU9h4CI5QgndamL9qWaspzOvFJ1umBMCCVMoYsi6eDYfu:jt4FMgaFkW4P5939qlSuXQJecfu
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2