b052ffc149f6692717df5db9d2e139e22b837702e66654f0cff2a5e0a4b0faef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b052ffc149f6692717df5db9d2e139e22b837702e66654f0cff2a5e0a4b0faef
Size

794KB
Sample

221204-cm2w6sce7t
MD5

30ce385ce80db2b036f881f6a824f998
SHA1

2523f9733b9fb8a146a8c464640977db1e22c4ea
SHA256

b052ffc149f6692717df5db9d2e139e22b837702e66654f0cff2a5e0a4b0faef
SHA512

7e2405747cfd5807d07ad194f235763cf5ba700e1a7b5ac89a141acd2426d1e67cce94925cfeda094a72efbfdbaa750f8039184bafc15c09df32a786b18ebd56
SSDEEP

12288:YYWnd8iugmYfNzdtQXd/5kr/MslrDaTOSNViT0si7ee2LL234gmQ/bN2:q8nXQdaX15mrDaT00ENLL21DN2

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b052ffc149f6692717df5db9d2e139e22b837702e66654f0cff2a5e0a4b0faef
- Size
  
  794KB
- MD5
  
  30ce385ce80db2b036f881f6a824f998
- SHA1
  
  2523f9733b9fb8a146a8c464640977db1e22c4ea
- SHA256
  
  b052ffc149f6692717df5db9d2e139e22b837702e66654f0cff2a5e0a4b0faef
- SHA512
  
  7e2405747cfd5807d07ad194f235763cf5ba700e1a7b5ac89a141acd2426d1e67cce94925cfeda094a72efbfdbaa750f8039184bafc15c09df32a786b18ebd56
- SSDEEP
  
  12288:YYWnd8iugmYfNzdtQXd/5kr/MslrDaTOSNViT0si7ee2LL234gmQ/bN2:q8nXQdaX15mrDaT00ENLL21DN2
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan