b9a86bc1ce1143b5f11ce0a65a0533e9c77ef48faaa5e22e2aece58bf66c50b7 | Triage

Sharing

General

Target

b9a86bc1ce1143b5f11ce0a65a0533e9c77ef48faaa5e22e2aece58bf66c50b7
Size

876KB
Sample

221126-vp2nasaf63
MD5

504b4efd9e0b70b321e5a9c133ab48d2
SHA1

a032fb9a3c789c6935ad50e91cf43fe9c6205c66
SHA256

b9a86bc1ce1143b5f11ce0a65a0533e9c77ef48faaa5e22e2aece58bf66c50b7
SHA512

20255cfa0664c7c9a87b8aeb7baa40aba496312f74d5fa0cefface3641eea9b17f09569006c88b3ef44ee7b158f37f41c26bc97bcb686705ad3896b010765560
SSDEEP

24576:NhP6o/E0uGBhwPmJn5WV2Y0tqcGzCaqcBbejB6:NhP6WNuG9J5WV50tqcta5qN6

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b9a86bc1ce1143b5f11ce0a65a0533e9c77ef48faaa5e22e2aece58bf66c50b7
- Size
  
  876KB
- MD5
  
  504b4efd9e0b70b321e5a9c133ab48d2
- SHA1
  
  a032fb9a3c789c6935ad50e91cf43fe9c6205c66
- SHA256
  
  b9a86bc1ce1143b5f11ce0a65a0533e9c77ef48faaa5e22e2aece58bf66c50b7
- SHA512
  
  20255cfa0664c7c9a87b8aeb7baa40aba496312f74d5fa0cefface3641eea9b17f09569006c88b3ef44ee7b158f37f41c26bc97bcb686705ad3896b010765560
- SSDEEP
  
  24576:NhP6o/E0uGBhwPmJn5WV2Y0tqcGzCaqcBbejB6:NhP6WNuG9J5WV50tqcta5qN6
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2