af6cd96b4c3dce96b271612ae0dec360f1a52db5753a1a22d425821cd3e49ed9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af6cd96b4c3dce96b271612ae0dec360f1a52db5753a1a22d425821cd3e49ed9
Size

702KB
Sample

221204-mpymmseh4y
MD5

231ef2287cdff87bcf7b78ed133dcd7f
SHA1

b97e0b7e53a4f0ad510adb6a8e8cda0a3789389f
SHA256

af6cd96b4c3dce96b271612ae0dec360f1a52db5753a1a22d425821cd3e49ed9
SHA512

0048573742baed2ef037f9f18c35c658cee23add560a7fcbcc6e119bc6298e5a8fc7e54f49494f4a097d7d56e3effc6a66be950b54dee743a0a59c690aae08df
SSDEEP

12288:tZ5XdM8MBYeXW+LQrsyd6dcGPyX164QE2GG2C8Ruj6J1tEjEvjnXGkq4WEDW9bB7:tG8mvXWkQidDPNG2GGVrj63tEwv7WkaF

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  af6cd96b4c3dce96b271612ae0dec360f1a52db5753a1a22d425821cd3e49ed9
- Size
  
  702KB
- MD5
  
  231ef2287cdff87bcf7b78ed133dcd7f
- SHA1
  
  b97e0b7e53a4f0ad510adb6a8e8cda0a3789389f
- SHA256
  
  af6cd96b4c3dce96b271612ae0dec360f1a52db5753a1a22d425821cd3e49ed9
- SHA512
  
  0048573742baed2ef037f9f18c35c658cee23add560a7fcbcc6e119bc6298e5a8fc7e54f49494f4a097d7d56e3effc6a66be950b54dee743a0a59c690aae08df
- SSDEEP
  
  12288:tZ5XdM8MBYeXW+LQrsyd6dcGPyX164QE2GG2C8Ruj6J1tEjEvjnXGkq4WEDW9bB7:tG8mvXWkQidDPNG2GGVrj63tEwv7WkaF
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan