0aac7eaa27f5502a4ab6af29004787f56d188b368383d7fee58ee942471c8e86 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0aac7eaa27f5502a4ab6af29004787f56d188b368383d7fee58ee942471c8e86
Size

833KB
Sample

221127-hvlstacb61
MD5

b852ffcf2494a911fe8174dc45640f67
SHA1

c120515f78f49d3127b22732dd92edab290beb1e
SHA256

0aac7eaa27f5502a4ab6af29004787f56d188b368383d7fee58ee942471c8e86
SHA512

16a3969ca9c0702087c9dbc60010b3ebee926145faf1f660e5820637c70cd5a80d7675cbec0eb332bb709f8282c1401bc6cd19d07e9db7ffa11a53bd7bf68015
SSDEEP

12288:Sn1FBSR/3yS8IZ0Rbz8k2lwvVFvE+OZ3/E24bRm7vRwUc4iajYNpAPyQ1R3Ar3Ke:SnjBdT2sVpE+Y3/T4bIrRjGAVT3Y5+ql

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  0aac7eaa27f5502a4ab6af29004787f56d188b368383d7fee58ee942471c8e86
- Size
  
  833KB
- MD5
  
  b852ffcf2494a911fe8174dc45640f67
- SHA1
  
  c120515f78f49d3127b22732dd92edab290beb1e
- SHA256
  
  0aac7eaa27f5502a4ab6af29004787f56d188b368383d7fee58ee942471c8e86
- SHA512
  
  16a3969ca9c0702087c9dbc60010b3ebee926145faf1f660e5820637c70cd5a80d7675cbec0eb332bb709f8282c1401bc6cd19d07e9db7ffa11a53bd7bf68015
- SSDEEP
  
  12288:Sn1FBSR/3yS8IZ0Rbz8k2lwvVFvE+OZ3/E24bRm7vRwUc4iajYNpAPyQ1R3Ar3Ke:SnjBdT2sVpE+Y3/T4bIrRjGAVT3Y5+ql
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan