ad86c503fa30e29d5248b945daea63b6bfa2c293272221fbd4c835f100e6c2f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad86c503fa30e29d5248b945daea63b6bfa2c293272221fbd4c835f100e6c2f5
Size

871KB
Sample

221128-bs68eade69
MD5

357088fef153a9de9344301d7f7a839c
SHA1

9065322198316743b79997e73395144c678cb807
SHA256

ad86c503fa30e29d5248b945daea63b6bfa2c293272221fbd4c835f100e6c2f5
SHA512

a7c532ebfa006f1bf496187e0e0bd30c13d8fe5e4005929153f3924a1d89327c45ab97624e846225f42f409f2fbbdb52d4e516bd4e345c65dbb6ddaa14358d55
SSDEEP

24576:qXVFstIf70Vsu8/3f549M0XaXebkRLEJT8pkuHbCceE:qFF1T0Ku8/3xwXaXeVOppeE

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ad86c503fa30e29d5248b945daea63b6bfa2c293272221fbd4c835f100e6c2f5
- Size
  
  871KB
- MD5
  
  357088fef153a9de9344301d7f7a839c
- SHA1
  
  9065322198316743b79997e73395144c678cb807
- SHA256
  
  ad86c503fa30e29d5248b945daea63b6bfa2c293272221fbd4c835f100e6c2f5
- SHA512
  
  a7c532ebfa006f1bf496187e0e0bd30c13d8fe5e4005929153f3924a1d89327c45ab97624e846225f42f409f2fbbdb52d4e516bd4e345c65dbb6ddaa14358d55
- SSDEEP
  
  24576:qXVFstIf70Vsu8/3f549M0XaXebkRLEJT8pkuHbCceE:qFF1T0Ku8/3xwXaXeVOppeE
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2