aa7d04a9fad39fb4745804a90489ef5c283b9ec780d8f577106042c9e0ed78eb | Triage

Sharing

General

Target

TOTALCMD64.EXE
Size

9.9MB
Sample

240613-qk7arsvbpl
MD5

010b1b115950c530717128a665f090ee
SHA1

bdabfdfc91f6ad541da2c6cd4a7abcb59f3e72c6
SHA256

aa7d04a9fad39fb4745804a90489ef5c283b9ec780d8f577106042c9e0ed78eb
SHA512

f52e2389dddc3d24ce64345a347813b6eed455e24d11c50fe31f0c197f36732bc0657e88bfb1f6abc3fbee60605e48cc7398d2bfb94733a5a11cbd2274779dd6
SSDEEP

98304:GtDMW/M1cWwyPIicHQDXiCjyWTg0enT3nXLhiGffxXyxFVr+HY:uDzIPxPncoXiv0eTcGff4PFN

Score

6^/10

evasion trojan

Malware Config

Targets

- Target
  
  TOTALCMD64.EXE
- Size
  
  9.9MB
- MD5
  
  010b1b115950c530717128a665f090ee
- SHA1
  
  bdabfdfc91f6ad541da2c6cd4a7abcb59f3e72c6
- SHA256
  
  aa7d04a9fad39fb4745804a90489ef5c283b9ec780d8f577106042c9e0ed78eb
- SHA512
  
  f52e2389dddc3d24ce64345a347813b6eed455e24d11c50fe31f0c197f36732bc0657e88bfb1f6abc3fbee60605e48cc7398d2bfb94733a5a11cbd2274779dd6
- SSDEEP
  
  98304:GtDMW/M1cWwyPIicHQDXiCjyWTg0enT3nXLhiGffxXyxFVr+HY:uDzIPxPncoXiv0eTcGff4PFN
Score

6^/10

evasion trojan
- Checks whether UAC is enabled
  evasion trojan
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Query Registry

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1