1ba487db24ff779fb20cdd2dcb51b7c6aad505a0b73261dbb79a5a85457ef0ce | Triage

Sharing

General

Target

2024-01-09_dc486f3caf18a13ea8437c40a0a56430_virlock
Size

187KB
Sample

240110-grnybshegl
MD5

dc486f3caf18a13ea8437c40a0a56430
SHA1

50949dc3b134c3acdf6938a428fc59debe1c8133
SHA256

1ba487db24ff779fb20cdd2dcb51b7c6aad505a0b73261dbb79a5a85457ef0ce
SHA512

0b950e2b62e9ba98a132c75e9858be68a46b5e1fde8f940fcaa14373c5071d7a00b22706892c5bab0a76a84b52b174666072c1ecdea6415fbd7596e1d421cb06
SSDEEP

3072:UCtr8LFBcbqgM5JWoq60fw6s/iNTO0/CEaEv3TqQrxdf4GqjH:l98cbql446s/0h/Cmv57QGE

Score

10^/10

evasion persistence trojan

Malware Config

Targets

- Target
  
  2024-01-09_dc486f3caf18a13ea8437c40a0a56430_virlock
- Size
  
  187KB
- MD5
  
  dc486f3caf18a13ea8437c40a0a56430
- SHA1
  
  50949dc3b134c3acdf6938a428fc59debe1c8133
- SHA256
  
  1ba487db24ff779fb20cdd2dcb51b7c6aad505a0b73261dbb79a5a85457ef0ce
- SHA512
  
  0b950e2b62e9ba98a132c75e9858be68a46b5e1fde8f940fcaa14373c5071d7a00b22706892c5bab0a76a84b52b174666072c1ecdea6415fbd7596e1d421cb06
- SSDEEP
  
  3072:UCtr8LFBcbqgM5JWoq60fw6s/iNTO0/CEaEv3TqQrxdf4GqjH:l98cbql446s/0h/Cmv57QGE
Score

10^/10

persistence evasion trojan
- Modifies visibility of file extensions in Explorer
  evasion
- UAC bypass
  evasion trojan
- Blocklisted process makes network request
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Hide Artifacts

Hidden Files and Directories

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistencetrojan