c45901f49b569729c9ba29ecbc14a2eba4e3e51d01b5557a8385951cceb2febb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c45901f49b569729c9ba29ecbc14a2eba4e3e51d01b5557a8385951cceb2febb
Size

853KB
Sample

221127-zqeblscg81
MD5

9cbb9b676157099f1f2ef764e6e45122
SHA1

9f45a03904605e55c6ac5e0d0dd85a8571a87fa9
SHA256

c45901f49b569729c9ba29ecbc14a2eba4e3e51d01b5557a8385951cceb2febb
SHA512

0c0408ecf5ea4d8998f509d3b178b90fda4b17ffd41a52a11982f309f34409ba6865f7008bf6df55ef93ec9cb51ce97846dcf0a460ad3448fe28e436cc8049ac
SSDEEP

24576:rkK+/z9h4m4BU56DDudc8nUfjPt0m9lplo:rk//z9h4mv6KuRfjVBo

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  c45901f49b569729c9ba29ecbc14a2eba4e3e51d01b5557a8385951cceb2febb
- Size
  
  853KB
- MD5
  
  9cbb9b676157099f1f2ef764e6e45122
- SHA1
  
  9f45a03904605e55c6ac5e0d0dd85a8571a87fa9
- SHA256
  
  c45901f49b569729c9ba29ecbc14a2eba4e3e51d01b5557a8385951cceb2febb
- SHA512
  
  0c0408ecf5ea4d8998f509d3b178b90fda4b17ffd41a52a11982f309f34409ba6865f7008bf6df55ef93ec9cb51ce97846dcf0a460ad3448fe28e436cc8049ac
- SSDEEP
  
  24576:rkK+/z9h4m4BU56DDudc8nUfjPt0m9lplo:rk//z9h4mv6KuRfjVBo
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan