7fc5675545046c8751e568320d6c5b9be0bacaa45a26c70ea4940df93ae20e86 | Triage

Sharing

General

Target

7fc5675545046c8751e568320d6c5b9be0bacaa45a26c70ea4940df93ae20e86
Size

881KB
Sample

221128-r1tv2sba73
MD5

d43bd3347a527151853c98ee6437c831
SHA1

264cc688cbebfabe884f8d74f9f17fe2c725a906
SHA256

7fc5675545046c8751e568320d6c5b9be0bacaa45a26c70ea4940df93ae20e86
SHA512

c087cbc12242c6b0efda94d47374e69e53aeb3d0e91e0abb466a72225ae2784bc9eb67abe49f7835fc648b5da9d7e69dce76dbd18af870365cc1a1e5d8cb6e40
SSDEEP

24576:qGJUL1K8AcoNyh/XSFh5Ki2XzfuUaim8Ly+zrrPulr:qGypKHcXSn46Upm89PQr

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  7fc5675545046c8751e568320d6c5b9be0bacaa45a26c70ea4940df93ae20e86
- Size
  
  881KB
- MD5
  
  d43bd3347a527151853c98ee6437c831
- SHA1
  
  264cc688cbebfabe884f8d74f9f17fe2c725a906
- SHA256
  
  7fc5675545046c8751e568320d6c5b9be0bacaa45a26c70ea4940df93ae20e86
- SHA512
  
  c087cbc12242c6b0efda94d47374e69e53aeb3d0e91e0abb466a72225ae2784bc9eb67abe49f7835fc648b5da9d7e69dce76dbd18af870365cc1a1e5d8cb6e40
- SSDEEP
  
  24576:qGJUL1K8AcoNyh/XSFh5Ki2XzfuUaim8Ly+zrrPulr:qGypKHcXSn46Upm89PQr
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2