b5341e72f1ca6ff7db5a40ac949f2b866117b622a0b10fce2f1e3b792dd8290d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5341e72f1ca6ff7db5a40ac949f2b866117b622a0b10fce2f1e3b792dd8290d
Size

933KB
Sample

221127-t983fagb3y
MD5

0ccbbe493baada0b6a181afdf2f65a78
SHA1

892e2793db3dfbd510e81292f49d1cd9aaa8ca30
SHA256

b5341e72f1ca6ff7db5a40ac949f2b866117b622a0b10fce2f1e3b792dd8290d
SHA512

31fd503f403686b28007b296077276bfefa4c2e3773b9337a5e5d4cc82442dfc4230b851c3334ffc491b08809c30d9e2e380c10deac2a31c850b54cc3a680ff5
SSDEEP

24576:T9vTlbgdvPAHleHNdbejQulDFUzdskSAnfrOQQjitQ:R5bghWlydbwlZUZ+ATxQj6Q

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b5341e72f1ca6ff7db5a40ac949f2b866117b622a0b10fce2f1e3b792dd8290d
- Size
  
  933KB
- MD5
  
  0ccbbe493baada0b6a181afdf2f65a78
- SHA1
  
  892e2793db3dfbd510e81292f49d1cd9aaa8ca30
- SHA256
  
  b5341e72f1ca6ff7db5a40ac949f2b866117b622a0b10fce2f1e3b792dd8290d
- SHA512
  
  31fd503f403686b28007b296077276bfefa4c2e3773b9337a5e5d4cc82442dfc4230b851c3334ffc491b08809c30d9e2e380c10deac2a31c850b54cc3a680ff5
- SSDEEP
  
  24576:T9vTlbgdvPAHleHNdbejQulDFUzdskSAnfrOQQjitQ:R5bghWlydbwlZUZ+ATxQj6Q
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2