5305c9292596b6a9e74666278527d968dca3923506f8eca45b34fe8cd84e86a4 | Triage

Sharing

General

Target

5305c9292596b6a9e74666278527d968dca3923506f8eca45b34fe8cd84e86a4
Size

878KB
Sample

221128-r3qamsbc25
MD5

c6273ce4dad8208e041bfe3fad26f6b9
SHA1

29caaeba2469f67f20cbd60641a647dde3089dd8
SHA256

5305c9292596b6a9e74666278527d968dca3923506f8eca45b34fe8cd84e86a4
SHA512

566633ae8060348e6b17295e9d9c2d041c287039eb9a4be724fa6fd1387ca4e4dc23983a1f9a19a430118ebee4bb3890bce19b6721deedaedf22c68dc9e241b0
SSDEEP

12288:lO98VCpoW+W8JcK8C4uIqHnQUXdiEZVrKzdGdI7mdD9VqmpYfqVXnw8XPgiE6dRp:laj8f8ruTPNiYtKx57mdD1pK78XNdRp

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  5305c9292596b6a9e74666278527d968dca3923506f8eca45b34fe8cd84e86a4
- Size
  
  878KB
- MD5
  
  c6273ce4dad8208e041bfe3fad26f6b9
- SHA1
  
  29caaeba2469f67f20cbd60641a647dde3089dd8
- SHA256
  
  5305c9292596b6a9e74666278527d968dca3923506f8eca45b34fe8cd84e86a4
- SHA512
  
  566633ae8060348e6b17295e9d9c2d041c287039eb9a4be724fa6fd1387ca4e4dc23983a1f9a19a430118ebee4bb3890bce19b6721deedaedf22c68dc9e241b0
- SSDEEP
  
  12288:lO98VCpoW+W8JcK8C4uIqHnQUXdiEZVrKzdGdI7mdD9VqmpYfqVXnw8XPgiE6dRp:laj8f8ruTPNiYtKx57mdD1pK78XNdRp
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2