aead3fa497eae6ed0eb48ba089057ca14333efa523276fad5390abe38af2fc22 | Triage

Sharing

General

Target

aead3fa497eae6ed0eb48ba089057ca14333efa523276fad5390abe38af2fc22
Size

881KB
Sample

221127-fqqvvsbd87
MD5

6d085bf9c7c8bb5196548576f3a5c50e
SHA1

8f0cd646e84a674a226c9e403a4353383b5a48b9
SHA256

aead3fa497eae6ed0eb48ba089057ca14333efa523276fad5390abe38af2fc22
SHA512

8b9e6d67fbe5d9a3bf1ebb544c78915b6abddbafa6afc6d87ec9e6ea2f02a629c20eab9531a0382c1e73095a8f88b9c0961583db5eaf0faea48d500a34eed6d0
SSDEEP

24576:/lP0P/K8BIfpT8s8fr9UTDBhJtBOplaG9:/lMnKwIR/8fr9IlbtBe19

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  aead3fa497eae6ed0eb48ba089057ca14333efa523276fad5390abe38af2fc22
- Size
  
  881KB
- MD5
  
  6d085bf9c7c8bb5196548576f3a5c50e
- SHA1
  
  8f0cd646e84a674a226c9e403a4353383b5a48b9
- SHA256
  
  aead3fa497eae6ed0eb48ba089057ca14333efa523276fad5390abe38af2fc22
- SHA512
  
  8b9e6d67fbe5d9a3bf1ebb544c78915b6abddbafa6afc6d87ec9e6ea2f02a629c20eab9531a0382c1e73095a8f88b9c0961583db5eaf0faea48d500a34eed6d0
- SSDEEP
  
  24576:/lP0P/K8BIfpT8s8fr9UTDBhJtBOplaG9:/lMnKwIR/8fr9IlbtBe19
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2