eacd5ed86a8ddd368a1089c7b97b791258e3eeb89c76c6da829b58d469f654b2 | Triage

Submit
Reports

Overview

overview

Static

static

3

MrsMajor 3.0.exe

windows11-21h2-x64

Sharing

General

Target

MrsMajor 3.0.7z
Size

234KB
Sample

240502-pydpyabc44
MD5

fedb45ddbd72fc70a81c789763038d81
SHA1

f1ed20c626d0a7ca2808ed768e7d7b319bc4c84a
SHA256

eacd5ed86a8ddd368a1089c7b97b791258e3eeb89c76c6da829b58d469f654b2
SHA512

813c0367f3aeceea9be02ffad4bfa8092ea44b428e68db8f3f33e45e4e5e53599d985fa79a708679b6957cbd04d9b9d67b288137fa71ac5a59e917b8792c8298
SSDEEP

6144:HMMAgnxjSgdHCueEVIzAMAcqXvYEC86TFSQ:HagxjSg1xrIzAMAcuI5TFT

Score

10^/10

agilenet discovery evasion trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

MrsMajor 3.0.exe

Resource

win11-20240419-en

agilenet discovery evasion trojan

windows11-21h2-x64

21 signatures

150 seconds

Malware Config

Targets

- Target
  
  MrsMajor 3.0.exe
- Size
  
  381KB
- MD5
  
  35a27d088cd5be278629fae37d464182
- SHA1
  
  d5a291fadead1f2a0cf35082012fe6f4bf22a3ab
- SHA256
  
  4a75f2db1dbd3c1218bb9994b7e1c690c4edd4e0c1a675de8d2a127611173e69
- SHA512
  
  eb0be3026321864bd5bcf53b88dc951711d8c0b4bcbd46800b90ca5116a56dba22452530e29f3ccbbcc43d943bdefc8ed8ca2d31ba2e7e5f0e594f74adba4ab5
- SSDEEP
  
  6144:Th3idhONY259BH1DzJ5PzVNtGgc+F9TBd096cTKAsLEbqqbd+VWM8AHiKn9SlXNA:Th3iXPw9Tc6kVXMHHLEf8l7
Score

10^/10

agilenet discovery evasion trojan
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Obfuscated with Agile.Net obfuscator
  Detects use of the Agile.Net commercial obfuscator, which is capable of entity renaming and control flow obfuscation.
  agilenet
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Process Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

agilenetdiscoveryevasiontrojan

© 2018-2024

Terms | Privacy