f0ae4a26ec4d0754d8a753c145376b853682183e525c96c1df9fd8fc878d4778 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0ae4a26ec4d0754d8a753c145376b853682183e525c96c1df9fd8fc878d4778
Size

811KB
Sample

221127-exkfzsda9t
MD5

ce971f40f63d039ec398871a84258688
SHA1

6aeb8d8d6f383c15e8e950662d41c63cde979d9a
SHA256

f0ae4a26ec4d0754d8a753c145376b853682183e525c96c1df9fd8fc878d4778
SHA512

327a40232a0f5afa5b22ffd941fd963104eb6c656f85647b0ad2dfad207571c56ddf75ed60fba23b9f49945ff045e824c5b265759ab890c184571798ec045073
SSDEEP

24576:o3KHtU0c5By6Imz0sYUBJlZ3cnQgeVAuPil:CqUbIaThJiQZAhl

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  f0ae4a26ec4d0754d8a753c145376b853682183e525c96c1df9fd8fc878d4778
- Size
  
  811KB
- MD5
  
  ce971f40f63d039ec398871a84258688
- SHA1
  
  6aeb8d8d6f383c15e8e950662d41c63cde979d9a
- SHA256
  
  f0ae4a26ec4d0754d8a753c145376b853682183e525c96c1df9fd8fc878d4778
- SHA512
  
  327a40232a0f5afa5b22ffd941fd963104eb6c656f85647b0ad2dfad207571c56ddf75ed60fba23b9f49945ff045e824c5b265759ab890c184571798ec045073
- SSDEEP
  
  24576:o3KHtU0c5By6Imz0sYUBJlZ3cnQgeVAuPil:CqUbIaThJiQZAhl
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan