dc0a5400a6a6c2a108b84ba412bfb362d1ded7ead4ab80e80015d5ce79da93b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc0a5400a6a6c2a108b84ba412bfb362d1ded7ead4ab80e80015d5ce79da93b3
Size

818KB
Sample

221127-zg7a2acc2s
MD5

3db05077a358e4a4d1324bf545832111
SHA1

33e9e74e77a2bf9b514939c529eb5af24adcd227
SHA256

dc0a5400a6a6c2a108b84ba412bfb362d1ded7ead4ab80e80015d5ce79da93b3
SHA512

d30f149eb1376a0f60e6ce8dca6fa01181f53e4d4918eb04ee6292867dd4a20ccb4aff0eff0b07f0b8a40a16ee25feefa9dc4e5520ab4db2e9c307e5bbad4542
SSDEEP

12288:zexWG0aOJIEM8FYV9DAvLPRaXV/tGg0Citg1Pqvb/r7uKrPDQlYSQefhtmi9:KxjZ8O0y/og0Citg1S6APDQlxxnmi9

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  dc0a5400a6a6c2a108b84ba412bfb362d1ded7ead4ab80e80015d5ce79da93b3
- Size
  
  818KB
- MD5
  
  3db05077a358e4a4d1324bf545832111
- SHA1
  
  33e9e74e77a2bf9b514939c529eb5af24adcd227
- SHA256
  
  dc0a5400a6a6c2a108b84ba412bfb362d1ded7ead4ab80e80015d5ce79da93b3
- SHA512
  
  d30f149eb1376a0f60e6ce8dca6fa01181f53e4d4918eb04ee6292867dd4a20ccb4aff0eff0b07f0b8a40a16ee25feefa9dc4e5520ab4db2e9c307e5bbad4542
- SSDEEP
  
  12288:zexWG0aOJIEM8FYV9DAvLPRaXV/tGg0Citg1Pqvb/r7uKrPDQlYSQefhtmi9:KxjZ8O0y/og0Citg1S6APDQlxxnmi9
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan