b05f1bcda6c0ff9b2ce45a06cb80b64e57cba9c44cf7f173824f635eb41ecefb | Triage

Sharing

General

Target

b05f1bcda6c0ff9b2ce45a06cb80b64e57cba9c44cf7f173824f635eb41ecefb
Size

804KB
Sample

221204-b6nyzsfc92
MD5

84f1b6daa6432874439712dcf01515a0
SHA1

482feb0d2e5e0b8014a61aadac44e8c163eca6a5
SHA256

b05f1bcda6c0ff9b2ce45a06cb80b64e57cba9c44cf7f173824f635eb41ecefb
SHA512

9be96072f84c1ea517b7fe37b4073c5549846fd3b36a43286c4e7f5fdcf89cd94ad73ef52533e298800559aba02c45852a34da230b9963d58c8c6d31e158df0b
SSDEEP

12288:gaJzDNOIwBpM9ZcaG5bflueUkJTn4gEftqriuerbEzGLhKhvHB4SO/fTDgJ7O03G:gau09ZuekVnj+hWp4S+fP47UJ6zwoK

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b05f1bcda6c0ff9b2ce45a06cb80b64e57cba9c44cf7f173824f635eb41ecefb
- Size
  
  804KB
- MD5
  
  84f1b6daa6432874439712dcf01515a0
- SHA1
  
  482feb0d2e5e0b8014a61aadac44e8c163eca6a5
- SHA256
  
  b05f1bcda6c0ff9b2ce45a06cb80b64e57cba9c44cf7f173824f635eb41ecefb
- SHA512
  
  9be96072f84c1ea517b7fe37b4073c5549846fd3b36a43286c4e7f5fdcf89cd94ad73ef52533e298800559aba02c45852a34da230b9963d58c8c6d31e158df0b
- SSDEEP
  
  12288:gaJzDNOIwBpM9ZcaG5bflueUkJTn4gEftqriuerbEzGLhKhvHB4SO/fTDgJ7O03G:gau09ZuekVnj+hWp4S+fP47UJ6zwoK
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan