94fb83660025c6f932f09d29af8384ae148ffb81845819543b562178e9ab5125 | Triage

Sharing

General

Target

94fb83660025c6f932f09d29af8384ae148ffb81845819543b562178e9ab5125
Size

882KB
Sample

221127-tq9vmaef3x
MD5

ea923fb5d087ec63200a47272779e7b0
SHA1

7b86e7fdda9fda01b420a9ab865ce53369c263b2
SHA256

94fb83660025c6f932f09d29af8384ae148ffb81845819543b562178e9ab5125
SHA512

8b354bd87d88cee9818504081640c6ba6085a8e68bd7b58879dc1cbbdd68dc944257a1cb27064bd563bc395b4552f872e312c4934b5b852bce4e403900ff8963
SSDEEP

24576:FiLvjqMNvXRIjI4LlviBEFnLjHSNwe+WjNHk1:FivJNvRV4LkoP8wbWjNE1

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  94fb83660025c6f932f09d29af8384ae148ffb81845819543b562178e9ab5125
- Size
  
  882KB
- MD5
  
  ea923fb5d087ec63200a47272779e7b0
- SHA1
  
  7b86e7fdda9fda01b420a9ab865ce53369c263b2
- SHA256
  
  94fb83660025c6f932f09d29af8384ae148ffb81845819543b562178e9ab5125
- SHA512
  
  8b354bd87d88cee9818504081640c6ba6085a8e68bd7b58879dc1cbbdd68dc944257a1cb27064bd563bc395b4552f872e312c4934b5b852bce4e403900ff8963
- SSDEEP
  
  24576:FiLvjqMNvXRIjI4LlviBEFnLjHSNwe+WjNHk1:FivJNvRV4LkoP8wbWjNE1
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2