ac2a6ea3d7e9883d3563a5861557f32af8ae222396270ae22f066f2dea692d1a | Triage

Sharing

General

Target

ac2a6ea3d7e9883d3563a5861557f32af8ae222396270ae22f066f2dea692d1a
Size

701KB
Sample

221128-rtxclaee71
MD5

136ce4ad5a76d1624c1c2871bf572623
SHA1

029dfa4adf06aec96c53b7d2cfbec229d3a0abe0
SHA256

ac2a6ea3d7e9883d3563a5861557f32af8ae222396270ae22f066f2dea692d1a
SHA512

52fdd306cc033d456cbd52e26bfed9566c7b1b9ca848767554c8dd4bdf4656e705eb80306e60a06ae4399a1e30a39968421926f8777f93124e019b335c808e5f
SSDEEP

12288:8OBbjTIILz5yfnfiyFeYPZMqEVWb/b+COg45IqPBu/qlZ5j5ybm3PaYbWv9EJ4XR:8ycfigoAb/bPOxbJDDt5yESYaFhR

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  ac2a6ea3d7e9883d3563a5861557f32af8ae222396270ae22f066f2dea692d1a
- Size
  
  701KB
- MD5
  
  136ce4ad5a76d1624c1c2871bf572623
- SHA1
  
  029dfa4adf06aec96c53b7d2cfbec229d3a0abe0
- SHA256
  
  ac2a6ea3d7e9883d3563a5861557f32af8ae222396270ae22f066f2dea692d1a
- SHA512
  
  52fdd306cc033d456cbd52e26bfed9566c7b1b9ca848767554c8dd4bdf4656e705eb80306e60a06ae4399a1e30a39968421926f8777f93124e019b335c808e5f
- SSDEEP
  
  12288:8OBbjTIILz5yfnfiyFeYPZMqEVWb/b+COg45IqPBu/qlZ5j5ybm3PaYbWv9EJ4XR:8ycfigoAb/bPOxbJDDt5yESYaFhR
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan