1d0c062bcaf7383f62a72da89ef025d90caffcaf95c98a8ee3eee4c4f675b11f | Triage

Sharing

General

Target

2024-07-23_5b9517939a635debd7511c8b1f2a0de6_avoslocker
Size

4.3MB
Sample

240723-kcb7rswgjc
MD5

5b9517939a635debd7511c8b1f2a0de6
SHA1

bcf1492a18c8f06c29cd5cc077c7dc6322b69d27
SHA256

1d0c062bcaf7383f62a72da89ef025d90caffcaf95c98a8ee3eee4c4f675b11f
SHA512

d339747dea4c8785dfa68f85f4641e54da286948d5f25d796b4cf195c7ef7d06ae7e5436d66b38cd101b2b1fac5ff66120f0460b83a984311e5245752a5b2cb9
SSDEEP

98304:qpq/d8kCBTlMyQjujDW9tBcg2jGqwwAOWNTcjcycRgT8kB3tiXj:jcy5ujyp8jGqww6ZKTLNtmj

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  2024-07-23_5b9517939a635debd7511c8b1f2a0de6_avoslocker
- Size
  
  4.3MB
- MD5
  
  5b9517939a635debd7511c8b1f2a0de6
- SHA1
  
  bcf1492a18c8f06c29cd5cc077c7dc6322b69d27
- SHA256
  
  1d0c062bcaf7383f62a72da89ef025d90caffcaf95c98a8ee3eee4c4f675b11f
- SHA512
  
  d339747dea4c8785dfa68f85f4641e54da286948d5f25d796b4cf195c7ef7d06ae7e5436d66b38cd101b2b1fac5ff66120f0460b83a984311e5245752a5b2cb9
- SSDEEP
  
  98304:qpq/d8kCBTlMyQjujDW9tBcg2jGqwwAOWNTcjcycRgT8kB3tiXj:jcy5ujyp8jGqww6ZKTLNtmj
Score

7^/10

evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2