1d84787c5597ca1f56be20f3c896993d127eb554d2e0fa502b05de20705b25ca | Triage

Sharing

General

Target

1d84787c5597ca1f56be20f3c896993d127eb554d2e0fa502b05de20705b25ca
Size

871KB
Sample

221127-lvw6bsgd77
MD5

ad965f534463cb76a9303dcdc31051c6
SHA1

83d492ce1f6c03db130763707714b8524d2ab82f
SHA256

1d84787c5597ca1f56be20f3c896993d127eb554d2e0fa502b05de20705b25ca
SHA512

65dda22af7d32acdf60c9ad4b8a4a55c2a60daffa9098ab7a18c9af1ea89abab63deeaa72541ec55268404c137449ca610dc24ecc286e40486a18ada4ded02cb
SSDEEP

12288:kJtSyvmvsY7eau63741qdeG1vkFx8yd3uYSuJByTCuSjzHMe0O7bL6WPJewWDUOG:qoyOrE6r6svT+vByTCumvVbL6WKRxjs

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  1d84787c5597ca1f56be20f3c896993d127eb554d2e0fa502b05de20705b25ca
- Size
  
  871KB
- MD5
  
  ad965f534463cb76a9303dcdc31051c6
- SHA1
  
  83d492ce1f6c03db130763707714b8524d2ab82f
- SHA256
  
  1d84787c5597ca1f56be20f3c896993d127eb554d2e0fa502b05de20705b25ca
- SHA512
  
  65dda22af7d32acdf60c9ad4b8a4a55c2a60daffa9098ab7a18c9af1ea89abab63deeaa72541ec55268404c137449ca610dc24ecc286e40486a18ada4ded02cb
- SSDEEP
  
  12288:kJtSyvmvsY7eau63741qdeG1vkFx8yd3uYSuJByTCuSjzHMe0O7bL6WPJewWDUOG:qoyOrE6r6svT+vByTCumvVbL6WKRxjs
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2