af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545 | Triage

Sharing

General

Target

af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545
Size

794KB
Sample

221204-psxkvsde9s
MD5

157e766b6f202406bd8e661ad0a364c2
SHA1

bc97249ce6488ac0ae81e4b3f70df9de1ca9e94f
SHA256

af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545
SHA512

bfa0e69e0fb896f181e460b777cb759999153d43e4c4a8580991f3c8504e59da8462e022f3a947ae83dd7f7ba1480fb070908891f6342e3c50e3b047ee0341b9
SSDEEP

12288:sR2f18iuLtvWrXbKOte4DEV/AEgHxir2bXlYviTUoiTJBfXJmUX9Yer9zgDO:N8nJvZMF4dgHxTXlYsUzBJmUXW2mDO

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545
- Size
  
  794KB
- MD5
  
  157e766b6f202406bd8e661ad0a364c2
- SHA1
  
  bc97249ce6488ac0ae81e4b3f70df9de1ca9e94f
- SHA256
  
  af35e1320eef3a1e1ce01a5b236966c692a835ca7afd52ec68f93ee41926a545
- SHA512
  
  bfa0e69e0fb896f181e460b777cb759999153d43e4c4a8580991f3c8504e59da8462e022f3a947ae83dd7f7ba1480fb070908891f6342e3c50e3b047ee0341b9
- SSDEEP
  
  12288:sR2f18iuLtvWrXbKOte4DEV/AEgHxir2bXlYviTUoiTJBfXJmUX9Yer9zgDO:N8nJvZMF4dgHxTXlYsUzBJmUXW2mDO
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan