ac25252204a6e84f4daea809a3d6dfa1fc86b927948c2328c578a4261d219d3c | Triage

Sharing

General

Target

ac25252204a6e84f4daea809a3d6dfa1fc86b927948c2328c578a4261d219d3c
Size

1.2MB
Sample

221128-r3f2zabb88
MD5

143c3f6618bc1c16da9e716425bf23a8
SHA1

6ec709b50de53b9d1d6fbea29c3a553f04c42d97
SHA256

ac25252204a6e84f4daea809a3d6dfa1fc86b927948c2328c578a4261d219d3c
SHA512

c8596a6e3ebcfca0470eb1a6b32055071f94f687696d2bfba052a838a9471a8847f97edbc2f624bad6405cda85df3d141711417b33af1c53bdf94bef42fb0779
SSDEEP

12288:IGKiUyPYA+d208b2sgBfDINIsoVAIL88zkKikd6AgP0Vr0FugfLkBI3bJ9W:IJ/yjksg5DJBiInakrPmLHW

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ac25252204a6e84f4daea809a3d6dfa1fc86b927948c2328c578a4261d219d3c
- Size
  
  1.2MB
- MD5
  
  143c3f6618bc1c16da9e716425bf23a8
- SHA1
  
  6ec709b50de53b9d1d6fbea29c3a553f04c42d97
- SHA256
  
  ac25252204a6e84f4daea809a3d6dfa1fc86b927948c2328c578a4261d219d3c
- SHA512
  
  c8596a6e3ebcfca0470eb1a6b32055071f94f687696d2bfba052a838a9471a8847f97edbc2f624bad6405cda85df3d141711417b33af1c53bdf94bef42fb0779
- SSDEEP
  
  12288:IGKiUyPYA+d208b2sgBfDINIsoVAIL88zkKikd6AgP0Vr0FugfLkBI3bJ9W:IJ/yjksg5DJBiInakrPmLHW
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan