dd1b878e86b88d12b0360c679ce915fd8d2dd540118f5e4b8662a2b49d4ff76a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd1b878e86b88d12b0360c679ce915fd8d2dd540118f5e4b8662a2b49d4ff76a
Size

874KB
Sample

221127-zgwjjacb8v
MD5

17ed406b175b79367a0df25a16f49179
SHA1

2d14a7a532a3c862394bb52a83258f8fbe7cb4f6
SHA256

dd1b878e86b88d12b0360c679ce915fd8d2dd540118f5e4b8662a2b49d4ff76a
SHA512

f9a80b92fd356bd5bec01d3d5afcb5efbb302b2bd484659f889df0dfa285ce906be1df149756ae8d552fcf7d9d44fa0d8d63e111b0eaa5a3302fe8b46781a5c7
SSDEEP

24576:3YpQ+39QhUvddyTRm539x6XNrZzvRbipYT2yS:3YpQM+gqw5HiNFUSfS

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  dd1b878e86b88d12b0360c679ce915fd8d2dd540118f5e4b8662a2b49d4ff76a
- Size
  
  874KB
- MD5
  
  17ed406b175b79367a0df25a16f49179
- SHA1
  
  2d14a7a532a3c862394bb52a83258f8fbe7cb4f6
- SHA256
  
  dd1b878e86b88d12b0360c679ce915fd8d2dd540118f5e4b8662a2b49d4ff76a
- SHA512
  
  f9a80b92fd356bd5bec01d3d5afcb5efbb302b2bd484659f889df0dfa285ce906be1df149756ae8d552fcf7d9d44fa0d8d63e111b0eaa5a3302fe8b46781a5c7
- SSDEEP
  
  24576:3YpQ+39QhUvddyTRm539x6XNrZzvRbipYT2yS:3YpQM+gqw5HiNFUSfS
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2