b03cc896eb5b82733ce0eeee451ffabeb2f424394da6e412a4a9422ac4cab3c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b03cc896eb5b82733ce0eeee451ffabeb2f424394da6e412a4a9422ac4cab3c7
Size

855KB
Sample

221204-dhqh1sfa2z
MD5

30cb43171f45eaf61d25b7fe1d202278
SHA1

fa0492a1694e4e4fe6cbb4d44a5e075501131bbf
SHA256

b03cc896eb5b82733ce0eeee451ffabeb2f424394da6e412a4a9422ac4cab3c7
SHA512

89a99d94b97f11b92a3567a9d755461f8d2fe977bc7bb9e3d14aaf6320b8953862335b82166a463c5ee8ab529d412a4a2c851d5e5e1850b0d08396d7db653e43
SSDEEP

24576:I4/ayNyUWKaxWjlE7Ne5zu2xQe0YgWpgX:zbjlEZeScR0cWX

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  b03cc896eb5b82733ce0eeee451ffabeb2f424394da6e412a4a9422ac4cab3c7
- Size
  
  855KB
- MD5
  
  30cb43171f45eaf61d25b7fe1d202278
- SHA1
  
  fa0492a1694e4e4fe6cbb4d44a5e075501131bbf
- SHA256
  
  b03cc896eb5b82733ce0eeee451ffabeb2f424394da6e412a4a9422ac4cab3c7
- SHA512
  
  89a99d94b97f11b92a3567a9d755461f8d2fe977bc7bb9e3d14aaf6320b8953862335b82166a463c5ee8ab529d412a4a2c851d5e5e1850b0d08396d7db653e43
- SSDEEP
  
  24576:I4/ayNyUWKaxWjlE7Ne5zu2xQe0YgWpgX:zbjlEZeScR0cWX
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan