40dd5b63f29337f0e05512acb0873f213cfa564d5a83a814aa19915dfbfe4c08 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2023042988362a5f9fd72963c858e92086134ac6virlock.bin
Size

181KB
Sample

230506-zpyzmade62
MD5

88362a5f9fd72963c858e92086134ac6
SHA1

7ab4a605336899a2c536d457195986bcad83ba2b
SHA256

40dd5b63f29337f0e05512acb0873f213cfa564d5a83a814aa19915dfbfe4c08
SHA512

370216a9279af374cdca1c57e80129ba3b414a294453272ae81ce0e34834ad8332c7719b45f90f92bbaeb2e59c4ebad1aea4a51d21ad4a35d01f33c759c5132a
SSDEEP

3072:b9FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFk:b7h39FV8lWEAX7M8C+/0kUJ

Score

10^/10

evasion persistence spyware stealer trojan

Malware Config

Targets

- Target
  
  2023042988362a5f9fd72963c858e92086134ac6virlock.bin
- Size
  
  181KB
- MD5
  
  88362a5f9fd72963c858e92086134ac6
- SHA1
  
  7ab4a605336899a2c536d457195986bcad83ba2b
- SHA256
  
  40dd5b63f29337f0e05512acb0873f213cfa564d5a83a814aa19915dfbfe4c08
- SHA512
  
  370216a9279af374cdca1c57e80129ba3b414a294453272ae81ce0e34834ad8332c7719b45f90f92bbaeb2e59c4ebad1aea4a51d21ad4a35d01f33c759c5132a
- SSDEEP
  
  3072:b9FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFk:b7h39FV8lWEAX7M8C+/0kUJ
Score

10^/10

evasion persistence trojan spyware stealer
- Modifies visibility of file extensions in Explorer
  evasion
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hidden Files and Directories

Registry Run Keys / Startup Folder

Privilege Escalation

Bypass User Account Control

Defense Evasion

Bypass User Account Control

Disabling Security Tools

Hidden Files and Directories

Modify Registry

Credential Access

Credentials in Files

Discovery

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistencetrojan

behavioral2

evasionpersistencespywarestealertrojan