28be90ae5b3823cd943fe73f40b0848a51acbff9c8c3e8e895113ebecec363c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28be90ae5b3823cd943fe73f40b0848a51acbff9c8c3e8e895113ebecec363c2
Size

811KB
Sample

221127-1qn2gsfd2v
MD5

c32fe749f77a0ee08d98f26690625a1b
SHA1

83fcf49793f9229b6be8a6dcb39025fcf1ad898a
SHA256

28be90ae5b3823cd943fe73f40b0848a51acbff9c8c3e8e895113ebecec363c2
SHA512

4825877e70674f7dc202493a1ef3f6f6abc39035612d1480afb0f1fe259e57d498c08fcf6ea88f32a05af021a4271cf52693830e985315e9ce6e9156c019af00
SSDEEP

12288:ODjxPyJyxiBaEY3VJcjrppoVpYKRDBtCDBlUMeer3hUIXws43Bq4q:WVyU3Xc/r6iKFYXeYnXwsx4q

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  28be90ae5b3823cd943fe73f40b0848a51acbff9c8c3e8e895113ebecec363c2
- Size
  
  811KB
- MD5
  
  c32fe749f77a0ee08d98f26690625a1b
- SHA1
  
  83fcf49793f9229b6be8a6dcb39025fcf1ad898a
- SHA256
  
  28be90ae5b3823cd943fe73f40b0848a51acbff9c8c3e8e895113ebecec363c2
- SHA512
  
  4825877e70674f7dc202493a1ef3f6f6abc39035612d1480afb0f1fe259e57d498c08fcf6ea88f32a05af021a4271cf52693830e985315e9ce6e9156c019af00
- SSDEEP
  
  12288:ODjxPyJyxiBaEY3VJcjrppoVpYKRDBtCDBlUMeer3hUIXws43Bq4q:WVyU3Xc/r6iKFYXeYnXwsx4q
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan