cf67fa33aae5f76909dad8ad0acd38642baf0e10b9d0712557d646378d3933c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf67fa33aae5f76909dad8ad0acd38642baf0e10b9d0712557d646378d3933c5
Size

803KB
Sample

221127-fa6ldaea3z
MD5

59f4d4fd36e7a9991cac973c2e1bad2a
SHA1

8cbad475eaf42379eeb509f47f38295d6811ee37
SHA256

cf67fa33aae5f76909dad8ad0acd38642baf0e10b9d0712557d646378d3933c5
SHA512

dc9772ba8d59e486d39c5feeb9db00c16ed28f416713c250c40d722f22b5188280bfd25935e0ce42ac98b86582467a18085f88abe320a8305ca7e98cada358ee
SSDEEP

24576:l9wrYi1H/Z17lF50+fPmvC/qsSlSBC6VKLf3CzO:lHifv7lF5DoTl6rrO

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  cf67fa33aae5f76909dad8ad0acd38642baf0e10b9d0712557d646378d3933c5
- Size
  
  803KB
- MD5
  
  59f4d4fd36e7a9991cac973c2e1bad2a
- SHA1
  
  8cbad475eaf42379eeb509f47f38295d6811ee37
- SHA256
  
  cf67fa33aae5f76909dad8ad0acd38642baf0e10b9d0712557d646378d3933c5
- SHA512
  
  dc9772ba8d59e486d39c5feeb9db00c16ed28f416713c250c40d722f22b5188280bfd25935e0ce42ac98b86582467a18085f88abe320a8305ca7e98cada358ee
- SSDEEP
  
  24576:l9wrYi1H/Z17lF50+fPmvC/qsSlSBC6VKLf3CzO:lHifv7lF5DoTl6rrO
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan