ad6766948ae0f2c1362b41cd122e42b08f236fc581b0a834779e1f7baf8e1504 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad6766948ae0f2c1362b41cd122e42b08f236fc581b0a834779e1f7baf8e1504
Size

805KB
Sample

221128-c8a1ksde9t
MD5

0811d1e2f7f4b9c2d6c68e768ef72fdd
SHA1

632c6a04996759d73be3fec57dcb070127aa0e53
SHA256

ad6766948ae0f2c1362b41cd122e42b08f236fc581b0a834779e1f7baf8e1504
SHA512

3795f800d93ec2b862c2e13ecf4a44f6819f7144855481e649903e1958da5222cb9b5a50bfca44a7873cfef846161cf273d85d539be8438d94c203453b0f091d
SSDEEP

12288:TkSPlO25Sr95o13pf5M/nYEicVco3PEH0Q2972nqful97Ya9PSUEn6y+QHDQcbel:ISPIo13l4np1zMUQ292nFEZ6IQciX88

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ad6766948ae0f2c1362b41cd122e42b08f236fc581b0a834779e1f7baf8e1504
- Size
  
  805KB
- MD5
  
  0811d1e2f7f4b9c2d6c68e768ef72fdd
- SHA1
  
  632c6a04996759d73be3fec57dcb070127aa0e53
- SHA256
  
  ad6766948ae0f2c1362b41cd122e42b08f236fc581b0a834779e1f7baf8e1504
- SHA512
  
  3795f800d93ec2b862c2e13ecf4a44f6819f7144855481e649903e1958da5222cb9b5a50bfca44a7873cfef846161cf273d85d539be8438d94c203453b0f091d
- SSDEEP
  
  12288:TkSPlO25Sr95o13pf5M/nYEicVco3PEH0Q2972nqful97Ya9PSUEn6y+QHDQcbel:ISPIo13l4np1zMUQ292nFEZ6IQciX88
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan