fb766ae38fd5dda6a51c9f21fec4f801d4c265d38493cb06a95979913123ce6a | Triage

Sharing

General

Target

fb766ae38fd5dda6a51c9f21fec4f801d4c265d38493cb06a95979913123ce6a
Size

844KB
Sample

221127-eq86rscf7v
MD5

654961e0a9d9d3b8e9ebe4a80f974116
SHA1

83dcbe6a9df31687d29cacbfd641b059bc95973f
SHA256

fb766ae38fd5dda6a51c9f21fec4f801d4c265d38493cb06a95979913123ce6a
SHA512

010cbc3cecc92bc56f452b12ec9dad1bf280b157c875bf1126d1f412427436d94fbf5ada1480bf41a7d569a175b13d26cebdd6c727588dcefb3c35557422c672
SSDEEP

24576:uhMSI/HeSozz9JrDhYyAbeFsACXKRTipQh:kMSI/He/zDr1FAbeFsrCTimh

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  fb766ae38fd5dda6a51c9f21fec4f801d4c265d38493cb06a95979913123ce6a
- Size
  
  844KB
- MD5
  
  654961e0a9d9d3b8e9ebe4a80f974116
- SHA1
  
  83dcbe6a9df31687d29cacbfd641b059bc95973f
- SHA256
  
  fb766ae38fd5dda6a51c9f21fec4f801d4c265d38493cb06a95979913123ce6a
- SHA512
  
  010cbc3cecc92bc56f452b12ec9dad1bf280b157c875bf1126d1f412427436d94fbf5ada1480bf41a7d569a175b13d26cebdd6c727588dcefb3c35557422c672
- SSDEEP
  
  24576:uhMSI/HeSozz9JrDhYyAbeFsACXKRTipQh:kMSI/He/zDr1FAbeFsrCTimh
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan