6bb73b82af2d8d39ac0d1f99bdff0484f53dfa338e4b94527aef3d33804ace09 | Triage

Submit
Reports

Overview

overview

8

Static

static

3

59fa25bdbc...4f.exe

windows7-x64

8

59fa25bdbc...4f.exe

windows10-2004-x64

8

Sharing

General

Target

59fa25bdbc0c6a2e22a0a92a09097e4f
Size

672KB
Sample

240114-cc7dxabab7
MD5

59fa25bdbc0c6a2e22a0a92a09097e4f
SHA1

4e63e8445854294cecfd803e7accb9e007d37d49
SHA256

6bb73b82af2d8d39ac0d1f99bdff0484f53dfa338e4b94527aef3d33804ace09
SHA512

63f7632b717583906ad4f1c2f899a9e722ba94f3dea6db497290c1150faee93702c87048c71db933f015aeedc444e9afe0d3d64acae0205ae7dca57daa808f93
SSDEEP

12288:heBNUbTVO86UCHruRdp+WA00SKCpVRwf3XSVUhbxk9e/pJu:hJIUCNd0nKwYPX+UhbW9eM

Score

8^/10

discovery evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

59fa25bdbc0c6a2e22a0a92a09097e4f.exe

Resource

win7-20231129-en

discovery evasion trojan

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

59fa25bdbc0c6a2e22a0a92a09097e4f.exe

Resource

win10v2004-20231215-en

discovery evasion trojan

windows10-2004-x64

15 signatures

150 seconds

Malware Config

Targets

- Target
  
  59fa25bdbc0c6a2e22a0a92a09097e4f
- Size
  
  672KB
- MD5
  
  59fa25bdbc0c6a2e22a0a92a09097e4f
- SHA1
  
  4e63e8445854294cecfd803e7accb9e007d37d49
- SHA256
  
  6bb73b82af2d8d39ac0d1f99bdff0484f53dfa338e4b94527aef3d33804ace09
- SHA512
  
  63f7632b717583906ad4f1c2f899a9e722ba94f3dea6db497290c1150faee93702c87048c71db933f015aeedc444e9afe0d3d64acae0205ae7dca57daa808f93
- SSDEEP
  
  12288:heBNUbTVO86UCHruRdp+WA00SKCpVRwf3XSVUhbxk9e/pJu:hJIUCNd0nKwYPX+UhbW9eM
Score

8^/10

discovery evasion trojan
- Disables taskbar notifications via registry modification
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Windows security modification
  evasion trojan
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan

© 2018-2024

Terms | Privacy