da4c1ae99fcb3dee741264b00695df7e31b61d3a467737f5e99e900b770b8c3a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da4c1ae99fcb3dee741264b00695df7e31b61d3a467737f5e99e900b770b8c3a
Size

804KB
Sample

221127-e6s5gsdf8v
MD5

043b98c2641f24cd80653d68574396c9
SHA1

66a63fa265aa4ab165e57bb3637038d454175f78
SHA256

da4c1ae99fcb3dee741264b00695df7e31b61d3a467737f5e99e900b770b8c3a
SHA512

f32cf8eb154dadb05435df3577c8d9837c6a4b6dec94b66309aa798351f6e92dd75ad2b427772829b8d9b7b447f9ebcb13810da941cfed1c13a23e1ae615bee7
SSDEEP

24576:ca9UL2PINfA6rSJ/XBXLyvHGvi1UZBTiTVbkCy7UJ6zBli:cZrdW/x7wHGvzTekCy7UQDi

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  da4c1ae99fcb3dee741264b00695df7e31b61d3a467737f5e99e900b770b8c3a
- Size
  
  804KB
- MD5
  
  043b98c2641f24cd80653d68574396c9
- SHA1
  
  66a63fa265aa4ab165e57bb3637038d454175f78
- SHA256
  
  da4c1ae99fcb3dee741264b00695df7e31b61d3a467737f5e99e900b770b8c3a
- SHA512
  
  f32cf8eb154dadb05435df3577c8d9837c6a4b6dec94b66309aa798351f6e92dd75ad2b427772829b8d9b7b447f9ebcb13810da941cfed1c13a23e1ae615bee7
- SSDEEP
  
  24576:ca9UL2PINfA6rSJ/XBXLyvHGvi1UZBTiTVbkCy7UJ6zBli:cZrdW/x7wHGvzTekCy7UQDi
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan