eed2c3039da099d2edd459c0984f5f6a1e956afe0b9bb330cf2300dca70a1707 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eed2c3039da099d2edd459c0984f5f6a1e956afe0b9bb330cf2300dca70a1707
Size

936KB
Sample

221127-zdfc5sga53
MD5

31562966c24c8656706384ff4e781509
SHA1

c0fe718801266e041dd8b4aaf7818ca49606edf2
SHA256

eed2c3039da099d2edd459c0984f5f6a1e956afe0b9bb330cf2300dca70a1707
SHA512

784c90e99c3f923a1a1dba42773d15e7ee6967609d87fa380cc260abd1d72f658efb7ee36d655a4e9a6dc027533ca364c3c2e827bbba97a8349f09c740d29f86
SSDEEP

24576:YLwch6PKGaTJxjNtbVxR9O3zjtEIUIccCnkluJBaoxT:YLwch6PKGaTPNtbVxRQ3mIncNwuJBvT

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  eed2c3039da099d2edd459c0984f5f6a1e956afe0b9bb330cf2300dca70a1707
- Size
  
  936KB
- MD5
  
  31562966c24c8656706384ff4e781509
- SHA1
  
  c0fe718801266e041dd8b4aaf7818ca49606edf2
- SHA256
  
  eed2c3039da099d2edd459c0984f5f6a1e956afe0b9bb330cf2300dca70a1707
- SHA512
  
  784c90e99c3f923a1a1dba42773d15e7ee6967609d87fa380cc260abd1d72f658efb7ee36d655a4e9a6dc027533ca364c3c2e827bbba97a8349f09c740d29f86
- SSDEEP
  
  24576:YLwch6PKGaTJxjNtbVxR9O3zjtEIUIccCnkluJBaoxT:YLwch6PKGaTPNtbVxRQ3mIncNwuJBvT
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2