b05b737caad025ea020aa78a30556413af63aba2db5a62a6db90a72f5c8eac45 | Triage

Sharing

General

Target

b05b737caad025ea020aa78a30556413af63aba2db5a62a6db90a72f5c8eac45
Size

893KB
Sample

221204-cbmywabf2s
MD5

58a0e97652ad19703295423708490fc3
SHA1

f503f52c059437eaf4a0dec8314da5e4e6c414a8
SHA256

b05b737caad025ea020aa78a30556413af63aba2db5a62a6db90a72f5c8eac45
SHA512

01dc9cf37cf51908001bece5fb8b1b0cd16840824e26f90b6f99076a9ad201093918e1e3adca38cef98c13154426f3313d0f4f29f6e96bc115977bd04fa88b2d
SSDEEP

12288:3xsAOM158J1mUuDPWTPCw979tV3LOyco91nnNj56vCuDxJ1j3saRK8WG6NyyNVY:3vwAUsOTPV9/L3D9hnGfxD3/WXlNVY

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b05b737caad025ea020aa78a30556413af63aba2db5a62a6db90a72f5c8eac45
- Size
  
  893KB
- MD5
  
  58a0e97652ad19703295423708490fc3
- SHA1
  
  f503f52c059437eaf4a0dec8314da5e4e6c414a8
- SHA256
  
  b05b737caad025ea020aa78a30556413af63aba2db5a62a6db90a72f5c8eac45
- SHA512
  
  01dc9cf37cf51908001bece5fb8b1b0cd16840824e26f90b6f99076a9ad201093918e1e3adca38cef98c13154426f3313d0f4f29f6e96bc115977bd04fa88b2d
- SSDEEP
  
  12288:3xsAOM158J1mUuDPWTPCw979tV3LOyco91nnNj56vCuDxJ1j3saRK8WG6NyyNVY:3vwAUsOTPV9/L3D9hnGfxD3/WXlNVY
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2