95d4d03fecb1e11b1e7bed3b5bd01be3fd4b365bf1924171e9b99f157c331b95 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95d4d03fecb1e11b1e7bed3b5bd01be3fd4b365bf1924171e9b99f157c331b95
Size

7.2MB
Sample

221201-zn9dzadf7w
MD5

3ac0c01fcefa263e1caf9065acf723e2
SHA1

11ab86469f549a91d9b8628d20990b5d469e7270
SHA256

95d4d03fecb1e11b1e7bed3b5bd01be3fd4b365bf1924171e9b99f157c331b95
SHA512

4de172eb94fb2c453a8f1d4afb23370cc4c673d1664d48ba8d3e71dec5fb8b02d80b7e5a6d37f53550a1aee4b9015cfcf3a264d0951220d3d98ec5187757ccb0
SSDEEP

98304:4xcESA3oIHFnHqA0o8PVWrEgetJ/450iiliZCVj6jcdXgdfEBexCcMPrM13FPkcf:c1qA0oOVWrEx/kniIwmzdcjHD6Qi

Score

8^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  95d4d03fecb1e11b1e7bed3b5bd01be3fd4b365bf1924171e9b99f157c331b95
- Size
  
  7.2MB
- MD5
  
  3ac0c01fcefa263e1caf9065acf723e2
- SHA1
  
  11ab86469f549a91d9b8628d20990b5d469e7270
- SHA256
  
  95d4d03fecb1e11b1e7bed3b5bd01be3fd4b365bf1924171e9b99f157c331b95
- SHA512
  
  4de172eb94fb2c453a8f1d4afb23370cc4c673d1664d48ba8d3e71dec5fb8b02d80b7e5a6d37f53550a1aee4b9015cfcf3a264d0951220d3d98ec5187757ccb0
- SSDEEP
  
  98304:4xcESA3oIHFnHqA0o8PVWrEgetJ/450iiliZCVj6jcdXgdfEBexCcMPrM13FPkcf:c1qA0oOVWrEx/kniIwmzdcjHD6Qi
Score

8^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan