a806b74578d8af3af4bc3a4a94855e64686d47b3b9abea9452cf31819b2b5042 | Triage

Sharing

General

Target

a806b74578d8af3af4bc3a4a94855e64686d47b3b9abea9452cf31819b2b5042
Size

874KB
Sample

221127-t1xm2sbg84
MD5

ca619a165089d5002c4fcdc9503b02e6
SHA1

3c62adecc2637e09c41b9d7e136ba4b70e2b74f4
SHA256

a806b74578d8af3af4bc3a4a94855e64686d47b3b9abea9452cf31819b2b5042
SHA512

5c98097e6a7462cee78fab1e5cd20d9faf63dd76ccc246db3eb52e61ee47c40dcdb93bca9a3b910b5283dfe718d9d7038568e0c157178b37f6633c4017f9c990
SSDEEP

12288:2QeJnp/FlVda8QpUFGVvH+Kfzq2V38Db8VakPXeIfqMn78StsSlr1FTKNhv7:2fdlZE3VvH+KhZobOeg7B5tCF7

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  a806b74578d8af3af4bc3a4a94855e64686d47b3b9abea9452cf31819b2b5042
- Size
  
  874KB
- MD5
  
  ca619a165089d5002c4fcdc9503b02e6
- SHA1
  
  3c62adecc2637e09c41b9d7e136ba4b70e2b74f4
- SHA256
  
  a806b74578d8af3af4bc3a4a94855e64686d47b3b9abea9452cf31819b2b5042
- SHA512
  
  5c98097e6a7462cee78fab1e5cd20d9faf63dd76ccc246db3eb52e61ee47c40dcdb93bca9a3b910b5283dfe718d9d7038568e0c157178b37f6633c4017f9c990
- SSDEEP
  
  12288:2QeJnp/FlVda8QpUFGVvH+Kfzq2V38Db8VakPXeIfqMn78StsSlr1FTKNhv7:2fdlZE3VvH+KhZobOeg7B5tCF7
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2