9ef4f965c7895c14f6dc4a0496af716447a0a285be888393a1deefc619d94c3d | Triage

Sharing

General

Target

202304293bdc60824f7aeeedf12e4045d9d3a683virlock.bin
Size

307KB
Sample

230506-zpntnaff2t
MD5

3bdc60824f7aeeedf12e4045d9d3a683
SHA1

63e1058b10646c493473541d9737f5fdf1eb12b0
SHA256

9ef4f965c7895c14f6dc4a0496af716447a0a285be888393a1deefc619d94c3d
SHA512

8c2028bcf1eb9f514e04668dd1c4cddfc8258454346507a38fa3f67503713a2d2346ffe39c00acf8deb064489271bd804870b536ab09ad5e076456db73456dae
SSDEEP

6144:CTNAEn9aiLiSPXCxmG58l/rlhRQF7qmynDOT4Nj/0l:ENAK9aiLieCxmG5W/oGmynyTuj8l

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  202304293bdc60824f7aeeedf12e4045d9d3a683virlock.bin
- Size
  
  307KB
- MD5
  
  3bdc60824f7aeeedf12e4045d9d3a683
- SHA1
  
  63e1058b10646c493473541d9737f5fdf1eb12b0
- SHA256
  
  9ef4f965c7895c14f6dc4a0496af716447a0a285be888393a1deefc619d94c3d
- SHA512
  
  8c2028bcf1eb9f514e04668dd1c4cddfc8258454346507a38fa3f67503713a2d2346ffe39c00acf8deb064489271bd804870b536ab09ad5e076456db73456dae
- SSDEEP
  
  6144:CTNAEn9aiLiSPXCxmG58l/rlhRQF7qmynDOT4Nj/0l:ENAK9aiLieCxmG5W/oGmynyTuj8l
Score

10^/10

evasion persistence trojan
- Modifies visibility of file extensions in Explorer
  evasion
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencetrojan