ace09b82c3848d1f3d38501e36f8fa9b7d243380782a9857b9cb8b56bc5ea373 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ace09b82c3848d1f3d38501e36f8fa9b7d243380782a9857b9cb8b56bc5ea373
Size

798KB
Sample

221128-jglrbsfd57
MD5

8e64414e3edc1a10db9b20c980148715
SHA1

d21520d3a757109f34ac8c989b0ddad11b6b2c51
SHA256

ace09b82c3848d1f3d38501e36f8fa9b7d243380782a9857b9cb8b56bc5ea373
SHA512

20b9012d277e64af7e2ee1dcc61eb0e42c89f079d40abdcaec8c820c8170f2b574e6416549d8dc8d781e2bfcd5706ba63ec85a9824ffb174368c2297f4038e2f
SSDEEP

12288:9kzW5EyBLJAMK5EkSKcE6cEKNlvP+UqllfLV9VQtWAG/fRIvJvKzR991tIw8WQ8G:9vEyc/XGM3G33VfRoJvk93Cn8R4

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ace09b82c3848d1f3d38501e36f8fa9b7d243380782a9857b9cb8b56bc5ea373
- Size
  
  798KB
- MD5
  
  8e64414e3edc1a10db9b20c980148715
- SHA1
  
  d21520d3a757109f34ac8c989b0ddad11b6b2c51
- SHA256
  
  ace09b82c3848d1f3d38501e36f8fa9b7d243380782a9857b9cb8b56bc5ea373
- SHA512
  
  20b9012d277e64af7e2ee1dcc61eb0e42c89f079d40abdcaec8c820c8170f2b574e6416549d8dc8d781e2bfcd5706ba63ec85a9824ffb174368c2297f4038e2f
- SSDEEP
  
  12288:9kzW5EyBLJAMK5EkSKcE6cEKNlvP+UqllfLV9VQtWAG/fRIvJvKzR991tIw8WQ8G:9vEyc/XGM3G33VfRoJvk93Cn8R4
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan