a28e6d70e6a17faa0ef6e43d9a776fbba5b5b7daf0980170b63a551207f3d573 | Triage

Sharing

General

Target

a28e6d70e6a17faa0ef6e43d9a776fbba5b5b7daf0980170b63a551207f3d573
Size

1.3MB
Sample

240505-pe4r1sch98
MD5

bbc0d6532d42260b4876444bbf65465c
SHA1

af33d82dc860ebadb0811d8f9627b0fc78419651
SHA256

a28e6d70e6a17faa0ef6e43d9a776fbba5b5b7daf0980170b63a551207f3d573
SHA512

29b3afe3bb68d926da82dff5ad11ee30edc50b3299a85df435c22cc0f087fd0030bf10874f0462cf358940733a342e6a30e77a066a503aa5a8e3782a9e0bbb40
SSDEEP

24576:48gKrbN4quLytJRTkl4g27H9Zj6+N2JoATCnoiH/g87wyPaAmIExtKj:48gdutJRSq7dZgHUMyngjW

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  EVDsetup/#XIAOYI.VC.url
- Size
  
  118B
- MD5
  
  d4dc1c9dc7de3b22d6ebcf2ddb2f9da7
- SHA1
  
  6aa0a6e04e88f137646d06a13f1f357ab4dc1363
- SHA256
  
  c5e57e234eff00ddec429b1b209dd09664d4122bbfe156d75a2382776b2abbaf
- SHA512
  
  1b92a08ded87fe7a6676227002e7b65f001165c28d325ea34b3711956767b322bc130aa10cd20d5d4a71240e46140d7cd781ffb5ce3b4ab867e790f15bf2458b
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2
- Target
  
  EVDsetup/#ע.url
- Size
  
  115B
- MD5
  
  8bb3aeeb162438d6de1e0a15fbb01b38
- SHA1
  
  0db43ea0734183182af86fde5ac41e723e8e500e
- SHA256
  
  dd3f8ceacbb77fa73f70a7f74aab25b7e16cae5502ad288ad30ed4f3df1bd754
- SHA512
  
  c653cd05eb6dee32be6c43d7949ca079aa61f75188ec21da6b95d8c64fc1cef7b6da05edac5ca15c48db8ef917a3246897f95eb134cc049b1ade7ccda0cf940f
Score

1^/10
behavioral3 behavioral4
- Target
  
  EVDsetup/EVDsetup.exe
- Size
  
  1.7MB
- MD5
  
  07b414c2329beb9bf041342e3ed7235f
- SHA1
  
  82af12c5963cb7f30fac0cdd6719578ed8fb715b
- SHA256
  
  4073e1d8d1951e4e10554cabbc5e01e60f3d6f843fe7ceb382bad18927efe521
- SHA512
  
  10079a875f8820da8857a14af67dacee99f5597e4df2aa36766111cc24f64e627d134869745deb553920ea1bb096829755db1bfb1cb809fe78a1daa75faf56fc
- SSDEEP
  
  24576:L7FUDowAyrTVE3U5FCaJRtkL44IHt9ZXu+ZIJo8x8hkiHNckvwyhaumwE7tUv:LBuZrEUJJR+aHfZaD4oybgx6
Score

7^/10
- Executes dropped EXE
- Loads dropped DLL
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4

behavioral5

behavioral6