b6bb08f1fb3c94dfe5f4e8492168c9c775e70c464a2d06827437932c03b28961 | Triage

Sharing

General

Target

b6bb08f1fb3c94dfe5f4e8492168c9c775e70c464a2d06827437932c03b28961
Size

876KB
Sample

221127-nb5pgace99
MD5

8190ca5ce28856a1d3c20c6e7c26dec2
SHA1

475ca67cc2390677021ac7198ea7b6b113ccf237
SHA256

b6bb08f1fb3c94dfe5f4e8492168c9c775e70c464a2d06827437932c03b28961
SHA512

85f3b19189c4a105c40d466a8fca57b47c877d6d802168f4ac266217f3e33dac4bfdaafde16b628fd457b9cdd0d1f62976889dbc69b4549c4a2a15549084e998
SSDEEP

12288:MdfNVMEl56BKFbFdQb34nSJxG9S5QXi8xGhAc1KscH7CtsHEA8P2l2z2w:Md5TgaFdU4nSJg9SWyeGaMSzH58PD2w

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b6bb08f1fb3c94dfe5f4e8492168c9c775e70c464a2d06827437932c03b28961
- Size
  
  876KB
- MD5
  
  8190ca5ce28856a1d3c20c6e7c26dec2
- SHA1
  
  475ca67cc2390677021ac7198ea7b6b113ccf237
- SHA256
  
  b6bb08f1fb3c94dfe5f4e8492168c9c775e70c464a2d06827437932c03b28961
- SHA512
  
  85f3b19189c4a105c40d466a8fca57b47c877d6d802168f4ac266217f3e33dac4bfdaafde16b628fd457b9cdd0d1f62976889dbc69b4549c4a2a15549084e998
- SSDEEP
  
  12288:MdfNVMEl56BKFbFdQb34nSJxG9S5QXi8xGhAc1KscH7CtsHEA8P2l2z2w:Md5TgaFdU4nSJg9SWyeGaMSzH58PD2w
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2