cb96122c6a02d90c5d9f278a4350ecf1ea15fd3cd662f80d89444d71c2379f64 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cb96122c6a02d90c5d9f278a4350ecf1ea15fd3cd662f80d89444d71c2379f64
Size

812KB
Sample

221127-znc1rsgg44
MD5

ee47b3a9ca21fe7ded97fd192a4e8a05
SHA1

bbe9ac31b8ce28a78539951b174e359abbbe1869
SHA256

cb96122c6a02d90c5d9f278a4350ecf1ea15fd3cd662f80d89444d71c2379f64
SHA512

4079918fbd34538ccabd6f53ddb9dec181d964b30ad45274d1ca53d829fdccd57c03cfaf38168f8a36bc1c2c9f28ad0a97f9062adf3d161769a8834693b08c72
SSDEEP

24576:8/1fYXoNOl3spmQx/x+QxrIY+Q6+Nt/u7Brl4dhQ:8/1wOpf/xrVDBNt/MmQ

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  cb96122c6a02d90c5d9f278a4350ecf1ea15fd3cd662f80d89444d71c2379f64
- Size
  
  812KB
- MD5
  
  ee47b3a9ca21fe7ded97fd192a4e8a05
- SHA1
  
  bbe9ac31b8ce28a78539951b174e359abbbe1869
- SHA256
  
  cb96122c6a02d90c5d9f278a4350ecf1ea15fd3cd662f80d89444d71c2379f64
- SHA512
  
  4079918fbd34538ccabd6f53ddb9dec181d964b30ad45274d1ca53d829fdccd57c03cfaf38168f8a36bc1c2c9f28ad0a97f9062adf3d161769a8834693b08c72
- SSDEEP
  
  24576:8/1fYXoNOl3spmQx/x+QxrIY+Q6+Nt/u7Brl4dhQ:8/1wOpf/xrVDBNt/MmQ
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan