85ea52a0bcbc7caa7652ef34f6a78e2ea0d14e12f640a38149a8bd858364ce98 | Triage

Sharing

General

Target

85ea52a0bcbc7caa7652ef34f6a78e2ea0d14e12f640a38149a8bd858364ce98
Size

877KB
Sample

221128-r1k8xaba59
MD5

bc1a024a2541a08c039a2d2e7b8c78ba
SHA1

7595320d16dfdd4cf5a0b572bdc0e42a2809f99f
SHA256

85ea52a0bcbc7caa7652ef34f6a78e2ea0d14e12f640a38149a8bd858364ce98
SHA512

95f970c344a26bd5b11970bf8a753e4181d9740549ea70563934448554b49498e9cea59420c25e7797adf14b48aed9882aac16dfc7a8f91555966dcafc3f0a63
SSDEEP

12288:zOCuUuYh4Pnh4Uf9v3SDDarj6m4uxa8NSQc3DwGjk7ZXCScIy1Sy95u795pCqRPd:zyX4UfSajRFEQRG0HcIyt+Z5hNMdu9V

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  85ea52a0bcbc7caa7652ef34f6a78e2ea0d14e12f640a38149a8bd858364ce98
- Size
  
  877KB
- MD5
  
  bc1a024a2541a08c039a2d2e7b8c78ba
- SHA1
  
  7595320d16dfdd4cf5a0b572bdc0e42a2809f99f
- SHA256
  
  85ea52a0bcbc7caa7652ef34f6a78e2ea0d14e12f640a38149a8bd858364ce98
- SHA512
  
  95f970c344a26bd5b11970bf8a753e4181d9740549ea70563934448554b49498e9cea59420c25e7797adf14b48aed9882aac16dfc7a8f91555966dcafc3f0a63
- SSDEEP
  
  12288:zOCuUuYh4Pnh4Uf9v3SDDarj6m4uxa8NSQc3DwGjk7ZXCScIy1Sy95u795pCqRPd:zyX4UfSajRFEQRG0HcIyt+Z5hNMdu9V
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2