b0b44b6785a762642c4551b8c4f59123cb7419d1d098823a1a8aa6d2f39891d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0b44b6785a762642c4551b8c4f59123cb7419d1d098823a1a8aa6d2f39891d2
Size

902KB
Sample

221127-fp3s2afa2t
MD5

02ce86ccb7dbbeb67e68c60d0456209e
SHA1

2fe754850fafe370dd105fdec6c65e583049a4ca
SHA256

b0b44b6785a762642c4551b8c4f59123cb7419d1d098823a1a8aa6d2f39891d2
SHA512

1c1c0ebcf0bb829839359ff6331f1ae4ffa96e63327e5c58f4625f6886c8abbb9030f1bce7cda19c211aca0f8111267d7a704cbd652cbae91d4be047c5a453af
SSDEEP

12288:K6TxooIpoqBNYlMohz7GxSO2DtmLvyorEvacRDJKcRcUlZ2n6nsrQhnZTmb:KDDGMo9GYOzjrEvzDcciyZ2nCHTmb

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b0b44b6785a762642c4551b8c4f59123cb7419d1d098823a1a8aa6d2f39891d2
- Size
  
  902KB
- MD5
  
  02ce86ccb7dbbeb67e68c60d0456209e
- SHA1
  
  2fe754850fafe370dd105fdec6c65e583049a4ca
- SHA256
  
  b0b44b6785a762642c4551b8c4f59123cb7419d1d098823a1a8aa6d2f39891d2
- SHA512
  
  1c1c0ebcf0bb829839359ff6331f1ae4ffa96e63327e5c58f4625f6886c8abbb9030f1bce7cda19c211aca0f8111267d7a704cbd652cbae91d4be047c5a453af
- SSDEEP
  
  12288:K6TxooIpoqBNYlMohz7GxSO2DtmLvyorEvacRDJKcRcUlZ2n6nsrQhnZTmb:KDDGMo9GYOzjrEvzDcciyZ2nCHTmb
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2