2e5f727b95527d3320a50400c48bec4208dd10f39776e667fccfc943287f27ff | Triage

Submit
Reports

Overview

overview

8

Static

static

setup_pstm...ta.exe

windows7-x64

8

setup_pstm...ta.exe

windows10-2004-x64

8

Sharing

General

Target

setup_pstmafm44x_20220402_Beta.exe
Size

29.0MB
Sample

230125-msxvhsfg59
MD5

153d9212e049fa053d2337de207f169f
SHA1

8c8b0692d48c3bc8ede9f426993f283943c79537
SHA256

2e5f727b95527d3320a50400c48bec4208dd10f39776e667fccfc943287f27ff
SHA512

daa6a6e39824ded9cbc716ac2aa734c7be124fbfb1156ed03818b9d7891d7cbf7685c73f82cdf82f0812ae9f64d0f1da89523dc5060f589da04b06ef8230d6a0
SSDEEP

786432:iliap7IQWxhhh+3vLccvBG7yadtUlkiYno6RgzQCTyr0satP8:iliaBEhhh+3vNvBGyeGk5o6i0Ayr0sY0

Score

8^/10

discovery evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

setup_pstmafm44x_20220402_Beta.exe

Resource

win7-20220901-en

discovery evasion persistence trojan

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

setup_pstmafm44x_20220402_Beta.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  setup_pstmafm44x_20220402_Beta.exe
- Size
  
  29.0MB
- MD5
  
  153d9212e049fa053d2337de207f169f
- SHA1
  
  8c8b0692d48c3bc8ede9f426993f283943c79537
- SHA256
  
  2e5f727b95527d3320a50400c48bec4208dd10f39776e667fccfc943287f27ff
- SHA512
  
  daa6a6e39824ded9cbc716ac2aa734c7be124fbfb1156ed03818b9d7891d7cbf7685c73f82cdf82f0812ae9f64d0f1da89523dc5060f589da04b06ef8230d6a0
- SSDEEP
  
  786432:iliap7IQWxhhh+3vLccvBG7yadtUlkiYno6RgzQCTyr0satP8:iliaBEhhh+3vNvBGyeGk5o6i0Ayr0sY0
Score

8^/10

discovery evasion persistence trojan
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2

© 2018-2024

Terms | Privacy