ada5f763c1dfaff7cff3db36c535fc4028ab9dfe942a67e8d41338112618a3c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ada5f763c1dfaff7cff3db36c535fc4028ab9dfe942a67e8d41338112618a3c7
Size

842KB
Sample

221128-ajxf6sab89
MD5

777295c81d7047533678a619320de8be
SHA1

6acb4e5a2689f567d1149885c8183985235ee551
SHA256

ada5f763c1dfaff7cff3db36c535fc4028ab9dfe942a67e8d41338112618a3c7
SHA512

d769d0adb902ab73671cde874a85db75f7b770d840fdaba110e6a58d7faf7c963f1f2e67522be284b0cf0e1a8a80af745e577b34619d617f29876d09c5c1f26c
SSDEEP

24576:ZJ7PxMeanh0XSW+5Mxv3+mtihZIWXPsopBzQiZMm:ZJDxMeMyiW+OxmmGpppBSm

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ada5f763c1dfaff7cff3db36c535fc4028ab9dfe942a67e8d41338112618a3c7
- Size
  
  842KB
- MD5
  
  777295c81d7047533678a619320de8be
- SHA1
  
  6acb4e5a2689f567d1149885c8183985235ee551
- SHA256
  
  ada5f763c1dfaff7cff3db36c535fc4028ab9dfe942a67e8d41338112618a3c7
- SHA512
  
  d769d0adb902ab73671cde874a85db75f7b770d840fdaba110e6a58d7faf7c963f1f2e67522be284b0cf0e1a8a80af745e577b34619d617f29876d09c5c1f26c
- SSDEEP
  
  24576:ZJ7PxMeanh0XSW+5Mxv3+mtihZIWXPsopBzQiZMm:ZJDxMeMyiW+OxmmGpppBSm
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan