ad1ace0dd4ae2bb821d5011e89c746e20b7c0b1c6f255983f8962daf9f5604fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad1ace0dd4ae2bb821d5011e89c746e20b7c0b1c6f255983f8962daf9f5604fa
Size

852KB
Sample

221128-gb57nshh96
MD5

0dba9c0c97682afac32c399d5d3ede76
SHA1

93e7de25fd1516b7c962f56f833881103783b2f9
SHA256

ad1ace0dd4ae2bb821d5011e89c746e20b7c0b1c6f255983f8962daf9f5604fa
SHA512

d76dd4d17011480d55f9a81a363770c1dca857f4d9b7123fbd4b4a23f374d60212e438ffed52519474eca4d99210d31282d4823988e2527ac13bafe681c08d63
SSDEEP

24576:NJVL0/JEy2fcAWnkN/Aj9VuwjO/64pQ39TNI6kjU2HscB:NJl0/J0N/i9uLGIJjU2nB

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ad1ace0dd4ae2bb821d5011e89c746e20b7c0b1c6f255983f8962daf9f5604fa
- Size
  
  852KB
- MD5
  
  0dba9c0c97682afac32c399d5d3ede76
- SHA1
  
  93e7de25fd1516b7c962f56f833881103783b2f9
- SHA256
  
  ad1ace0dd4ae2bb821d5011e89c746e20b7c0b1c6f255983f8962daf9f5604fa
- SHA512
  
  d76dd4d17011480d55f9a81a363770c1dca857f4d9b7123fbd4b4a23f374d60212e438ffed52519474eca4d99210d31282d4823988e2527ac13bafe681c08d63
- SSDEEP
  
  24576:NJVL0/JEy2fcAWnkN/Aj9VuwjO/64pQ39TNI6kjU2HscB:NJl0/J0N/i9uLGIJjU2nB
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan