411ee2d26cec2e0b03939fca2294e212e4fd21ceff40d11083677874ec5427b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

411ee2d26cec2e0b03939fca2294e212e4fd21ceff40d11083677874ec5427b3
Size

875KB
Sample

221127-cpn34acd59
MD5

a6f198d1a82ce3eb1f7be8ca69bc3361
SHA1

8e8ed655438a8715d1618977327256547774e6d4
SHA256

411ee2d26cec2e0b03939fca2294e212e4fd21ceff40d11083677874ec5427b3
SHA512

324fc8b68631e60d34678aa0db92078b23e8216e4cabacca42b9f6c494bdf44555cccc14e2ac6c1226d411baa2bf71a22f3e95e9cf40e624813904da8d13f447
SSDEEP

12288:AzivH+mHVCnF4Asyp7WhNc2vMdu622rWhrGzN3+Orfn7ad8j4yu41yEyHxipaUPH:Az9ycq8u6nyYN7tjbcEyR89s9GNpOY

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  411ee2d26cec2e0b03939fca2294e212e4fd21ceff40d11083677874ec5427b3
- Size
  
  875KB
- MD5
  
  a6f198d1a82ce3eb1f7be8ca69bc3361
- SHA1
  
  8e8ed655438a8715d1618977327256547774e6d4
- SHA256
  
  411ee2d26cec2e0b03939fca2294e212e4fd21ceff40d11083677874ec5427b3
- SHA512
  
  324fc8b68631e60d34678aa0db92078b23e8216e4cabacca42b9f6c494bdf44555cccc14e2ac6c1226d411baa2bf71a22f3e95e9cf40e624813904da8d13f447
- SSDEEP
  
  12288:AzivH+mHVCnF4Asyp7WhNc2vMdu622rWhrGzN3+Orfn7ad8j4yu41yEyHxipaUPH:Az9ycq8u6nyYN7tjbcEyR89s9GNpOY
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2