ec868c3afd5037cb16e9735a2cdb0a87928f91704cb330b8a9e8a1a2c48d02b9 | Triage

Sharing

General

Target

trueconf_client_x64.exe
Size

165.6MB
Sample

231023-nq7glsgb7s
MD5

d03ef1d566dcac5f9e2d49f4ed84e53a
SHA1

cfac2dd529b0bb1b3876d7a704980a2bcd755c54
SHA256

ec868c3afd5037cb16e9735a2cdb0a87928f91704cb330b8a9e8a1a2c48d02b9
SHA512

e61a742615632cfb19b2fa57520ffeb54462cecc0eb88f2fea1090fc7e3b26dad04c1575a0645aa85c071fdb15cbf7b4e16dbca4516a22448cb1f71ec71db074
SSDEEP

3145728:W6U4S+4K0osmMZIXg08WLDcaNvmy6/KveF+r+xDCSs7kl2EnKglmkA2pgHzOo:WySw01BIQCmyW7R4LEnKJIgHzOo

Score

8^/10

discovery evasion persistence

Malware Config

Targets

- Target
  
  trueconf_client_x64.exe
- Size
  
  165.6MB
- MD5
  
  d03ef1d566dcac5f9e2d49f4ed84e53a
- SHA1
  
  cfac2dd529b0bb1b3876d7a704980a2bcd755c54
- SHA256
  
  ec868c3afd5037cb16e9735a2cdb0a87928f91704cb330b8a9e8a1a2c48d02b9
- SHA512
  
  e61a742615632cfb19b2fa57520ffeb54462cecc0eb88f2fea1090fc7e3b26dad04c1575a0645aa85c071fdb15cbf7b4e16dbca4516a22448cb1f71ec71db074
- SSDEEP
  
  3145728:W6U4S+4K0osmMZIXg08WLDcaNvmy6/KveF+r+xDCSs7kl2EnKglmkA2pgHzOo:WySw01BIQCmyW7R4LEnKJIgHzOo
Score

8^/10

discovery evasion persistence
- Modifies Windows Firewall
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Create or Modify System Process

Windows Service

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistence

behavioral2

discoveryevasionpersistence