af21ab32b121db2db7e53a8cc1bb01cf8625df497cee33215817145e8bccda31 | Triage

Sharing

General

Target

af21ab32b121db2db7e53a8cc1bb01cf8625df497cee33215817145e8bccda31
Size

831KB
Sample

221204-qgqhvaca63
MD5

5d7ff5408ec6018581cad394f4e28aa5
SHA1

889605deb26f89f8c28dfc7b2a843913cae39a3b
SHA256

af21ab32b121db2db7e53a8cc1bb01cf8625df497cee33215817145e8bccda31
SHA512

74193bb282af734ad2ea7fb766a03935ecdf825c28c202fdbd1ad00816caee4354813dac9947fffd917aaad2a2251ba3b8b471b2c144f0bb0b52104408b2de72
SSDEEP

24576:xZEtuSDB5hjbuXzBUzEt4ZApDvueh64XxustISAXc:xk5R82OvQ4UCoc

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  af21ab32b121db2db7e53a8cc1bb01cf8625df497cee33215817145e8bccda31
- Size
  
  831KB
- MD5
  
  5d7ff5408ec6018581cad394f4e28aa5
- SHA1
  
  889605deb26f89f8c28dfc7b2a843913cae39a3b
- SHA256
  
  af21ab32b121db2db7e53a8cc1bb01cf8625df497cee33215817145e8bccda31
- SHA512
  
  74193bb282af734ad2ea7fb766a03935ecdf825c28c202fdbd1ad00816caee4354813dac9947fffd917aaad2a2251ba3b8b471b2c144f0bb0b52104408b2de72
- SSDEEP
  
  24576:xZEtuSDB5hjbuXzBUzEt4ZApDvueh64XxustISAXc:xk5R82OvQ4UCoc
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan