f7f3e55e4ba4af23463576f3eb2f4aa59211867da9fbb24b0aa36c1f1673380f | Triage

Sharing

General

Target

f7f3e55e4ba4af23463576f3eb2f4aa59211867da9fbb24b0aa36c1f1673380f
Size

810KB
Sample

221127-zankcabf8y
MD5

c37520ad160b009aa6a8f5356ea217a8
SHA1

4443ebe7d9d5b495c9f002b40ce961dd55670438
SHA256

f7f3e55e4ba4af23463576f3eb2f4aa59211867da9fbb24b0aa36c1f1673380f
SHA512

187f1b7ac285b85c7550ecafe1df52ac2e67a6dfa960996908f3832a76afc97797fe97569c1e82df1b4b8119397255aef98ac9320950a0aae9294761ea58ff62
SSDEEP

12288:+OOYWGLNwdUzLasT+w9x0fOfQBnIe+GH5e+NPsCuPEpqrsuGZCZ8EZ4+F5XM1PC:DB3zLFTXQBnt+GH5e+3RWZ8EZ4+jMPC

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  f7f3e55e4ba4af23463576f3eb2f4aa59211867da9fbb24b0aa36c1f1673380f
- Size
  
  810KB
- MD5
  
  c37520ad160b009aa6a8f5356ea217a8
- SHA1
  
  4443ebe7d9d5b495c9f002b40ce961dd55670438
- SHA256
  
  f7f3e55e4ba4af23463576f3eb2f4aa59211867da9fbb24b0aa36c1f1673380f
- SHA512
  
  187f1b7ac285b85c7550ecafe1df52ac2e67a6dfa960996908f3832a76afc97797fe97569c1e82df1b4b8119397255aef98ac9320950a0aae9294761ea58ff62
- SSDEEP
  
  12288:+OOYWGLNwdUzLasT+w9x0fOfQBnIe+GH5e+NPsCuPEpqrsuGZCZ8EZ4+F5XM1PC:DB3zLFTXQBnt+GH5e+3RWZ8EZ4+jMPC
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan