ac63a9fc45fcca2a1d7dd9c64a2f976b3febb13b0856b2acba53eb6b55e65e7e | Triage

Sharing

General

Target

ac63a9fc45fcca2a1d7dd9c64a2f976b3febb13b0856b2acba53eb6b55e65e7e
Size

885KB
Sample

221128-pdcl5sgd8x
MD5

03cce7ebc95ff8a6eedffa6672835ac2
SHA1

3ee99f5faffda65e10e9d81dd13be2578966865a
SHA256

ac63a9fc45fcca2a1d7dd9c64a2f976b3febb13b0856b2acba53eb6b55e65e7e
SHA512

e8a00fe9b5de1dddeb8e52c7430073228a8edff08dcc8bde0d2b722450eaaec4e1fdf95826e9c1050ab4d5509bab259e87e22dfdd300a6ef4bd824876d463650
SSDEEP

24576:HeV4UeF+thvizj3akk+nwGTJcMjCx6MhaPgUAYjQu6JZYkJ6ys:HeV3tivs+nvThja7Iof5Jbs

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ac63a9fc45fcca2a1d7dd9c64a2f976b3febb13b0856b2acba53eb6b55e65e7e
- Size
  
  885KB
- MD5
  
  03cce7ebc95ff8a6eedffa6672835ac2
- SHA1
  
  3ee99f5faffda65e10e9d81dd13be2578966865a
- SHA256
  
  ac63a9fc45fcca2a1d7dd9c64a2f976b3febb13b0856b2acba53eb6b55e65e7e
- SHA512
  
  e8a00fe9b5de1dddeb8e52c7430073228a8edff08dcc8bde0d2b722450eaaec4e1fdf95826e9c1050ab4d5509bab259e87e22dfdd300a6ef4bd824876d463650
- SSDEEP
  
  24576:HeV4UeF+thvizj3akk+nwGTJcMjCx6MhaPgUAYjQu6JZYkJ6ys:HeV3tivs+nvThja7Iof5Jbs
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2