6e06419416c12f884ae8d5267770cdbb2a5e5009e20f678e2845b8f1c82f10b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

820a3b87840d7a6089a71800fc9d31e0.bin
Size

878KB
Sample

240531-c4d7fadd25
MD5

820a3b87840d7a6089a71800fc9d31e0
SHA1

22583367fe6480ebf48e4114bdf0e7f511e2f5a8
SHA256

6e06419416c12f884ae8d5267770cdbb2a5e5009e20f678e2845b8f1c82f10b4
SHA512

285f307e28d1a647557966159c452c96922f366699afeb6e3327ea6675ec6501cc62ca6289347bd9224fc4ddfee0a0446d455c2cc287e5ac2984bd8758f8f014
SSDEEP

12288:Vk8y1XBwrSO+EAfs+arWRDeHT2PihQ60qB2KfJvGgD3XPz9sKV8LOSGh/6qMki:Vkw+A+4T2XZcw0P3V8LNGhXMki

Score

7^/10

discovery evasion persistence trojan

Malware Config

Targets

- Target
  
  820a3b87840d7a6089a71800fc9d31e0.bin
- Size
  
  878KB
- MD5
  
  820a3b87840d7a6089a71800fc9d31e0
- SHA1
  
  22583367fe6480ebf48e4114bdf0e7f511e2f5a8
- SHA256
  
  6e06419416c12f884ae8d5267770cdbb2a5e5009e20f678e2845b8f1c82f10b4
- SHA512
  
  285f307e28d1a647557966159c452c96922f366699afeb6e3327ea6675ec6501cc62ca6289347bd9224fc4ddfee0a0446d455c2cc287e5ac2984bd8758f8f014
- SSDEEP
  
  12288:Vk8y1XBwrSO+EAfs+arWRDeHT2PihQ60qB2KfJvGgD3XPz9sKV8LOSGh/6qMki:Vkw+A+4T2XZcw0P3V8LNGhXMki
Score

7^/10

discovery evasion persistence trojan
- Registers COM server for autorun
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencetrojan

behavioral2