8b4bd7402b3fd8737b7fa2f3bfd478b2f6b809169627b0ea0dd531af7f5520e6 | Triage

Sharing

General

Target

8b4bd7402b3fd8737b7fa2f3bfd478b2f6b809169627b0ea0dd531af7f5520e6
Size

893KB
Sample

221128-rz6s8aeh8z
MD5

b946250548876715d3538b32d4d8c56e
SHA1

31b92ece5a63d7847a5eae046f9e360f71bcab84
SHA256

8b4bd7402b3fd8737b7fa2f3bfd478b2f6b809169627b0ea0dd531af7f5520e6
SHA512

5dc56ec12a7319e85464607b1bc59fdeb639960126ade0b568978bcc9835ce38e11f1154824fc35f434ff250932afaa9ecb382d426a05c6df5263867adfb97f0
SSDEEP

24576:Tl2KWr0+97PAQnGfEMeWqueWmXMLFasNQuTkv:Tl2PQobWqueFMLMsNtwv

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  8b4bd7402b3fd8737b7fa2f3bfd478b2f6b809169627b0ea0dd531af7f5520e6
- Size
  
  893KB
- MD5
  
  b946250548876715d3538b32d4d8c56e
- SHA1
  
  31b92ece5a63d7847a5eae046f9e360f71bcab84
- SHA256
  
  8b4bd7402b3fd8737b7fa2f3bfd478b2f6b809169627b0ea0dd531af7f5520e6
- SHA512
  
  5dc56ec12a7319e85464607b1bc59fdeb639960126ade0b568978bcc9835ce38e11f1154824fc35f434ff250932afaa9ecb382d426a05c6df5263867adfb97f0
- SSDEEP
  
  24576:Tl2KWr0+97PAQnGfEMeWqueWmXMLFasNQuTkv:Tl2PQobWqueFMLMsNtwv
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2