ac6382ab8ca7e97aee2e1d95647d7d7a956af545b053834da610f3b4699c8389 | Triage

Sharing

General

Target

ac6382ab8ca7e97aee2e1d95647d7d7a956af545b053834da610f3b4699c8389
Size

882KB
Sample

221128-pdqh1age2y
MD5

9217d1dc2d467a426042243ec91e5284
SHA1

4acffe711e47c86df6948646224bd6ac3f8d7669
SHA256

ac6382ab8ca7e97aee2e1d95647d7d7a956af545b053834da610f3b4699c8389
SHA512

aa6457b6f33c15f11be5a8c3d6a4df679099ddfd606b72448124e563319c4b0f21f66adb6d2471367ad1ca1a0f89e6a39a385a712511bfec6d33f6cd07199862
SSDEEP

12288:oB3OjU/RdNEk/97PyTq8ezANvAttNoIPLPYh1qOaelabmdndYDR5k++prHM/64IB:ojL3KqMNv0tjPzYhQZezhdSkjV75T

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ac6382ab8ca7e97aee2e1d95647d7d7a956af545b053834da610f3b4699c8389
- Size
  
  882KB
- MD5
  
  9217d1dc2d467a426042243ec91e5284
- SHA1
  
  4acffe711e47c86df6948646224bd6ac3f8d7669
- SHA256
  
  ac6382ab8ca7e97aee2e1d95647d7d7a956af545b053834da610f3b4699c8389
- SHA512
  
  aa6457b6f33c15f11be5a8c3d6a4df679099ddfd606b72448124e563319c4b0f21f66adb6d2471367ad1ca1a0f89e6a39a385a712511bfec6d33f6cd07199862
- SSDEEP
  
  12288:oB3OjU/RdNEk/97PyTq8ezANvAttNoIPLPYh1qOaelabmdndYDR5k++prHM/64IB:ojL3KqMNv0tjPzYhQZezhdSkjV75T
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2