fa9815d304bd740ad2cd02e64d2768ae980008b8ce406292677653051d3d4445 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa9815d304bd740ad2cd02e64d2768ae980008b8ce406292677653051d3d4445
Size

870KB
Sample

221127-ern7zshb27
MD5

3316c245331f1605a8bf24a910d8b45e
SHA1

7a424c897d0dedd35793605441f0ccb4c3d3e45e
SHA256

fa9815d304bd740ad2cd02e64d2768ae980008b8ce406292677653051d3d4445
SHA512

911800c99018711533851277a90a41ea0775e14a453f622d6e2ca92b5a8ee1aa0c331ff393e37459c812e6957245fa8d4e03275d6c8093503b1ec9d36ebb3bf9
SSDEEP

12288:TIrexnJe3Vs1VNHp2mwHTaFwf72PIT9RIwnKOY1u1aO8vQlQILSIV26eEMvVotZ1:TIrex2kt4TVau9RJKO71IYlVOap4OZlD

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  fa9815d304bd740ad2cd02e64d2768ae980008b8ce406292677653051d3d4445
- Size
  
  870KB
- MD5
  
  3316c245331f1605a8bf24a910d8b45e
- SHA1
  
  7a424c897d0dedd35793605441f0ccb4c3d3e45e
- SHA256
  
  fa9815d304bd740ad2cd02e64d2768ae980008b8ce406292677653051d3d4445
- SHA512
  
  911800c99018711533851277a90a41ea0775e14a453f622d6e2ca92b5a8ee1aa0c331ff393e37459c812e6957245fa8d4e03275d6c8093503b1ec9d36ebb3bf9
- SSDEEP
  
  12288:TIrexnJe3Vs1VNHp2mwHTaFwf72PIT9RIwnKOY1u1aO8vQlQILSIV26eEMvVotZ1:TIrex2kt4TVau9RJKO71IYlVOap4OZlD
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2