ac64d4f7648e2a9521e077dfc75b215d65e58477d50ca57e8eb270a0fc752700 | Triage

Sharing

General

Target

ac64d4f7648e2a9521e077dfc75b215d65e58477d50ca57e8eb270a0fc752700
Size

815KB
Sample

221128-pb9tvsgd5s
MD5

2892120935196d3e2b79e4edccfb3c4d
SHA1

c633bf900b837b5b623f5de85a005116e79e1603
SHA256

ac64d4f7648e2a9521e077dfc75b215d65e58477d50ca57e8eb270a0fc752700
SHA512

fa5864ee555290ad0ebbda1772d4e18ade0092509510c562b5f8a89ef861851d829e348e2fee107817b79fffad3b40a0448e45f46b301ca46aa875405cf5e54a
SSDEEP

24576:aCRBatshHNLweo9XroJy2tevwfn7v9+HqJ:aCUsI/9XrFEWwfn7vgKJ

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ac64d4f7648e2a9521e077dfc75b215d65e58477d50ca57e8eb270a0fc752700
- Size
  
  815KB
- MD5
  
  2892120935196d3e2b79e4edccfb3c4d
- SHA1
  
  c633bf900b837b5b623f5de85a005116e79e1603
- SHA256
  
  ac64d4f7648e2a9521e077dfc75b215d65e58477d50ca57e8eb270a0fc752700
- SHA512
  
  fa5864ee555290ad0ebbda1772d4e18ade0092509510c562b5f8a89ef861851d829e348e2fee107817b79fffad3b40a0448e45f46b301ca46aa875405cf5e54a
- SSDEEP
  
  24576:aCRBatshHNLweo9XroJy2tevwfn7v9+HqJ:aCUsI/9XrFEWwfn7vgKJ
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2