ada98fd03de5b92e55a2400bbf3d5494d0415ae983e0f5abcefcf5a7e390696f | Triage

Sharing

General

Target

ada98fd03de5b92e55a2400bbf3d5494d0415ae983e0f5abcefcf5a7e390696f
Size

684KB
Sample

221128-aeka2shh43
MD5

1dbc3d977d77938e623e7cafac224a35
SHA1

45ff047892c4ee28364ce26744fa8ad19a3f858c
SHA256

ada98fd03de5b92e55a2400bbf3d5494d0415ae983e0f5abcefcf5a7e390696f
SHA512

313e76075ce3bb5dddc8e04629217074a45301f4f887459e71929cd7654bdb436839ccf14bf3acf1db68b21543710f4ddb835fcf0a0b369d020e4201cc69ed33
SSDEEP

12288:4/ZqsC9Pa6P8Xu+Y0+4Kk3R61B0iYWfJWCMQHxvZj3uHcwTIfM1GjT9AlZ:4sD18Xa1A3YBZffJWCNhjeFTIfMUvOlZ

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ada98fd03de5b92e55a2400bbf3d5494d0415ae983e0f5abcefcf5a7e390696f
- Size
  
  684KB
- MD5
  
  1dbc3d977d77938e623e7cafac224a35
- SHA1
  
  45ff047892c4ee28364ce26744fa8ad19a3f858c
- SHA256
  
  ada98fd03de5b92e55a2400bbf3d5494d0415ae983e0f5abcefcf5a7e390696f
- SHA512
  
  313e76075ce3bb5dddc8e04629217074a45301f4f887459e71929cd7654bdb436839ccf14bf3acf1db68b21543710f4ddb835fcf0a0b369d020e4201cc69ed33
- SSDEEP
  
  12288:4/ZqsC9Pa6P8Xu+Y0+4Kk3R61B0iYWfJWCMQHxvZj3uHcwTIfM1GjT9AlZ:4sD18Xa1A3YBZffJWCNhjeFTIfMUvOlZ
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan