1db706ac021a80ba961fe42a123a6e51b91c17e248e9b2a680400951683f5598 | Triage

Sharing

General

Target

1db706ac021a80ba961fe42a123a6e51b91c17e248e9b2a680400951683f5598
Size

808KB
Sample

221127-1sc21afe2v
MD5

fe7c519f0c1dc8f5543823af2df93830
SHA1

9c7cb85acfb3fb4b78d60741f4f81f61cbb2f1b9
SHA256

1db706ac021a80ba961fe42a123a6e51b91c17e248e9b2a680400951683f5598
SHA512

16aa906adeae805a2218d1fefb6c48e4dd140fe97f1dac851a8a1cc422811baa6cc796e6639219f63c5c192aa24a2e6608c9f561d6e6c28cd0fb323a1fd7202c
SSDEEP

12288:jMWY6n74NOno79asT+pb+uxF5+V26nMIWvdhSmrUiRJY6CLWl+nHCxemFUMLtAu:zWO09asT6Rd+463khSziLBwWdvFUyAu

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  1db706ac021a80ba961fe42a123a6e51b91c17e248e9b2a680400951683f5598
- Size
  
  808KB
- MD5
  
  fe7c519f0c1dc8f5543823af2df93830
- SHA1
  
  9c7cb85acfb3fb4b78d60741f4f81f61cbb2f1b9
- SHA256
  
  1db706ac021a80ba961fe42a123a6e51b91c17e248e9b2a680400951683f5598
- SHA512
  
  16aa906adeae805a2218d1fefb6c48e4dd140fe97f1dac851a8a1cc422811baa6cc796e6639219f63c5c192aa24a2e6608c9f561d6e6c28cd0fb323a1fd7202c
- SSDEEP
  
  12288:jMWY6n74NOno79asT+pb+uxF5+V26nMIWvdhSmrUiRJY6CLWl+nHCxemFUMLtAu:zWO09asT6Rd+463khSziLBwWdvFUyAu
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan