afa44f8191ee12a8bc28f0418db631d36cd715f884545fd13c6b1e2dc461c553 | Triage

Sharing

General

Target

afa44f8191ee12a8bc28f0418db631d36cd715f884545fd13c6b1e2dc461c553
Size

814KB
Sample

221127-zwsq7adc3t
MD5

3f6b856c48890dff1851428c808113ee
SHA1

2c37c5d0836b8a7c8db7c7406b1559f7dcc3d4e3
SHA256

afa44f8191ee12a8bc28f0418db631d36cd715f884545fd13c6b1e2dc461c553
SHA512

f5b77b6b3acc9749af16cb2e19700a87a193465cca7f8203f805adae05735cba7c0e876e64909d166ec92f3e558b1c3bd7c321a88cf2908834f8c9fff303e5fd
SSDEEP

24576:JhT93gW/eNttwGaKy6PJV2m4TX9FHZkevvB:JhxHeN3XZaT5fB

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  afa44f8191ee12a8bc28f0418db631d36cd715f884545fd13c6b1e2dc461c553
- Size
  
  814KB
- MD5
  
  3f6b856c48890dff1851428c808113ee
- SHA1
  
  2c37c5d0836b8a7c8db7c7406b1559f7dcc3d4e3
- SHA256
  
  afa44f8191ee12a8bc28f0418db631d36cd715f884545fd13c6b1e2dc461c553
- SHA512
  
  f5b77b6b3acc9749af16cb2e19700a87a193465cca7f8203f805adae05735cba7c0e876e64909d166ec92f3e558b1c3bd7c321a88cf2908834f8c9fff303e5fd
- SSDEEP
  
  24576:JhT93gW/eNttwGaKy6PJV2m4TX9FHZkevvB:JhxHeN3XZaT5fB
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan