81d4477472cd3a45943efd5ea07b712e79c755ccb63d52655c95b6f8778818b7 | Triage

Sharing

General

Target

81d4477472cd3a45943efd5ea07b712e79c755ccb63d52655c95b6f8778818b7
Size

877KB
Sample

221127-z7ezgaea6w
MD5

cb3d4763c2ab0e90c893d9216352393e
SHA1

6a5a22fa3526f147deb441f402666d24e12832c5
SHA256

81d4477472cd3a45943efd5ea07b712e79c755ccb63d52655c95b6f8778818b7
SHA512

09602948e6fe58ab0daf6ffda7516d3d3345e7041c2f79c3182c04181915922630bf4ff263a4e41c2f5b6d197307308d7792091558d8d59dccf15f5995ed2cfc
SSDEEP

12288:c2HzETdbIJ56RNN9XftFA9GE12pK464E66xE+F41JiDPHPNrtZeAboVNO:c2TES56DVaRApp6H5PFSJirHPNrDoVNO

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  81d4477472cd3a45943efd5ea07b712e79c755ccb63d52655c95b6f8778818b7
- Size
  
  877KB
- MD5
  
  cb3d4763c2ab0e90c893d9216352393e
- SHA1
  
  6a5a22fa3526f147deb441f402666d24e12832c5
- SHA256
  
  81d4477472cd3a45943efd5ea07b712e79c755ccb63d52655c95b6f8778818b7
- SHA512
  
  09602948e6fe58ab0daf6ffda7516d3d3345e7041c2f79c3182c04181915922630bf4ff263a4e41c2f5b6d197307308d7792091558d8d59dccf15f5995ed2cfc
- SSDEEP
  
  12288:c2HzETdbIJ56RNN9XftFA9GE12pK464E66xE+F41JiDPHPNrtZeAboVNO:c2TES56DVaRApp6H5PFSJirHPNrDoVNO
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2