af030e5bd1c135675d9853d8af7b1c13dfe7849d5b559f2290e6ee3aa9fa74ec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af030e5bd1c135675d9853d8af7b1c13dfe7849d5b559f2290e6ee3aa9fa74ec
Size

1.3MB
Sample

221204-rl9b7abc4s
MD5

0492702d3ad505a6104080378181a091
SHA1

1e09597cbb1f0a34490ca3bc01ad58f0568ebe28
SHA256

af030e5bd1c135675d9853d8af7b1c13dfe7849d5b559f2290e6ee3aa9fa74ec
SHA512

a1280065a5491887772239cd349600e54e71fd926bc81d1e04df44c02fc222f60209edf4d96f44331e17dae31363734989c65ef6a6526af49559f6fc9dd2d07f
SSDEEP

24576:l+yS8Fj8dqHX8ndmsjC8afRqVN/uR9WRATmdrBUZCqfHfH/ICtm7:Aqjw48ndmse8LBRATUe8qffQCt

Score

8^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  af030e5bd1c135675d9853d8af7b1c13dfe7849d5b559f2290e6ee3aa9fa74ec
- Size
  
  1.3MB
- MD5
  
  0492702d3ad505a6104080378181a091
- SHA1
  
  1e09597cbb1f0a34490ca3bc01ad58f0568ebe28
- SHA256
  
  af030e5bd1c135675d9853d8af7b1c13dfe7849d5b559f2290e6ee3aa9fa74ec
- SHA512
  
  a1280065a5491887772239cd349600e54e71fd926bc81d1e04df44c02fc222f60209edf4d96f44331e17dae31363734989c65ef6a6526af49559f6fc9dd2d07f
- SSDEEP
  
  24576:l+yS8Fj8dqHX8ndmsjC8afRqVN/uR9WRATmdrBUZCqfHfH/ICtm7:Aqjw48ndmse8LBRATUe8qffQCt
Score

8^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

discoveryevasionpersistencetrojan