05538e3cc14d1b3bb503e862b500d4b0d028dbdc0ca2c26594751939b5184f71 | Triage

Sharing

General

Target

05538e3cc14d1b3bb503e862b500d4b0d028dbdc0ca2c26594751939b5184f71
Size

803KB
Sample

221127-hztzzsha22
MD5

b6075005f3e6d41c915d2f9e164ab680
SHA1

58ffac62db04f375ab731ea5d154ff4624e9f6ea
SHA256

05538e3cc14d1b3bb503e862b500d4b0d028dbdc0ca2c26594751939b5184f71
SHA512

a2c021a256e1702d2b95f039a79de14f916e8eb389244c7e81bd7b3e1c29bdd95a3497180a5e4dd22779c54f0b7da4b8e0388f1eeeb42c6e071a89d04258baa0
SSDEEP

12288:eRiTNrOhC09gVDwb5P17xy651L1pK3tXC3tzyKNlJX3mNw+8B6X4zmAs8uBEyRU+:efvpIUK9S3tzFlJnmNwL6XfAsb/RUU73

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  05538e3cc14d1b3bb503e862b500d4b0d028dbdc0ca2c26594751939b5184f71
- Size
  
  803KB
- MD5
  
  b6075005f3e6d41c915d2f9e164ab680
- SHA1
  
  58ffac62db04f375ab731ea5d154ff4624e9f6ea
- SHA256
  
  05538e3cc14d1b3bb503e862b500d4b0d028dbdc0ca2c26594751939b5184f71
- SHA512
  
  a2c021a256e1702d2b95f039a79de14f916e8eb389244c7e81bd7b3e1c29bdd95a3497180a5e4dd22779c54f0b7da4b8e0388f1eeeb42c6e071a89d04258baa0
- SSDEEP
  
  12288:eRiTNrOhC09gVDwb5P17xy651L1pK3tXC3tzyKNlJX3mNw+8B6X4zmAs8uBEyRU+:efvpIUK9S3tzFlJnmNwL6XfAsb/RUU73
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan