d11876388caf139a968c5bd40111846f1ed818ecbb62e00b1aba60d3c7644ea9 | Triage

Sharing

General

Target

d11876388caf139a968c5bd40111846f1ed818ecbb62e00b1aba60d3c7644ea9
Size

875KB
Sample

221127-t174sabh22
MD5

26a2f7915ed7f5210e5b6df37c9e46d8
SHA1

89f8d2e166964a6c025445226c1117ddd1338cd2
SHA256

d11876388caf139a968c5bd40111846f1ed818ecbb62e00b1aba60d3c7644ea9
SHA512

3f12aaa3ad27298a1f0a20ee21889f57fb145606e9846c04bcb8fd580d9673e6a0da484ebbc74a3ccd67b84e999ee49d5d358747b141bc1168cc91120cd7af12
SSDEEP

12288:LD3p0y49oCVPtyEucRbaTTYj2FgzdUTdY0irwb78TRds7Ck3yKa:LD3utPt7NoHPFaId7QdsGyyKa

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  d11876388caf139a968c5bd40111846f1ed818ecbb62e00b1aba60d3c7644ea9
- Size
  
  875KB
- MD5
  
  26a2f7915ed7f5210e5b6df37c9e46d8
- SHA1
  
  89f8d2e166964a6c025445226c1117ddd1338cd2
- SHA256
  
  d11876388caf139a968c5bd40111846f1ed818ecbb62e00b1aba60d3c7644ea9
- SHA512
  
  3f12aaa3ad27298a1f0a20ee21889f57fb145606e9846c04bcb8fd580d9673e6a0da484ebbc74a3ccd67b84e999ee49d5d358747b141bc1168cc91120cd7af12
- SSDEEP
  
  12288:LD3p0y49oCVPtyEucRbaTTYj2FgzdUTdY0irwb78TRds7Ck3yKa:LD3utPt7NoHPFaId7QdsGyyKa
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2