b38d0f8a9cb6b80e59cc64de6d16c6d77dfa85ffff055bbc7eceb19927eb77f5 | Triage

Sharing

General

Target

b38d0f8a9cb6b80e59cc64de6d16c6d77dfa85ffff055bbc7eceb19927eb77f5
Size

902KB
Sample

221127-tqrn2see8v
MD5

8a708a881b59287873e37022d749935d
SHA1

c143c801cfde9c8e53549d10c4eb4d9dad484b9f
SHA256

b38d0f8a9cb6b80e59cc64de6d16c6d77dfa85ffff055bbc7eceb19927eb77f5
SHA512

cd72667034b0e8969a33ee09cb621470dc64f759e3fe90b6179f4e5d3173afee7b0cf8c06718aacbe906d44bd8dcc99e0a543ae91282672e49373893f1a1af82
SSDEEP

24576:RybGt5bmEupzJInuFcd5Rp7SrE/yO9DfiD3Bnk9R8:Ry6t5zCzS5RQrE/1gRc8

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b38d0f8a9cb6b80e59cc64de6d16c6d77dfa85ffff055bbc7eceb19927eb77f5
- Size
  
  902KB
- MD5
  
  8a708a881b59287873e37022d749935d
- SHA1
  
  c143c801cfde9c8e53549d10c4eb4d9dad484b9f
- SHA256
  
  b38d0f8a9cb6b80e59cc64de6d16c6d77dfa85ffff055bbc7eceb19927eb77f5
- SHA512
  
  cd72667034b0e8969a33ee09cb621470dc64f759e3fe90b6179f4e5d3173afee7b0cf8c06718aacbe906d44bd8dcc99e0a543ae91282672e49373893f1a1af82
- SSDEEP
  
  24576:RybGt5bmEupzJInuFcd5Rp7SrE/yO9DfiD3Bnk9R8:Ry6t5zCzS5RQrE/1gRc8
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2