0597a41d17807a2bf4ef9aa5eab061bcd373c26b3e5ff95a7c24b5d437b8d9d7 | Triage

Sharing

General

Target

0597a41d17807a2bf4ef9aa5eab061bcd373c26b3e5ff95a7c24b5d437b8d9d7
Size

820KB
Sample

221127-hy2y7scd71
MD5

b7ff36df2aca7adf38c9c3f00b3da0b6
SHA1

caf53e3e59a0b315ad620d7208f26f0815deea98
SHA256

0597a41d17807a2bf4ef9aa5eab061bcd373c26b3e5ff95a7c24b5d437b8d9d7
SHA512

eecf002d4206505a4a8f322e0724c80ffea5b95b867c1be2479d6b44707f37f4a9227a75215fd5219685f51c77587af8bdfc40be75322c8447dcf9da418d8090
SSDEEP

24576:aiEcBBCb7A+kD9U/sFjvQ3/O8Ire2Juo5uz:pEcBQbVkDq/slvQ6S2Iowz

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  0597a41d17807a2bf4ef9aa5eab061bcd373c26b3e5ff95a7c24b5d437b8d9d7
- Size
  
  820KB
- MD5
  
  b7ff36df2aca7adf38c9c3f00b3da0b6
- SHA1
  
  caf53e3e59a0b315ad620d7208f26f0815deea98
- SHA256
  
  0597a41d17807a2bf4ef9aa5eab061bcd373c26b3e5ff95a7c24b5d437b8d9d7
- SHA512
  
  eecf002d4206505a4a8f322e0724c80ffea5b95b867c1be2479d6b44707f37f4a9227a75215fd5219685f51c77587af8bdfc40be75322c8447dcf9da418d8090
- SSDEEP
  
  24576:aiEcBBCb7A+kD9U/sFjvQ3/O8Ire2Juo5uz:pEcBQbVkDq/slvQ6S2Iowz
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan