2cf546e1719bc3b85322e6d900eb1e51366b9764931a776293239546da0894e8 | Triage

Sharing

General

Target

2024-08-19_4b0164ded11770b99334ade496bd63d0_avoslocker
Size

4.5MB
Sample

240819-bl376swclf
MD5

4b0164ded11770b99334ade496bd63d0
SHA1

371f4ceaa56fb4d1a9517fee3fb6ef738837c950
SHA256

2cf546e1719bc3b85322e6d900eb1e51366b9764931a776293239546da0894e8
SHA512

ec65cd784fa077a942899c6363668ebf69dc70e815e4488e5250a8e44abd138d9070b39b7f5727df63f55bf514000a1a96676f0b8013fea2b6e18ef82d9b82e7
SSDEEP

98304:TWqq+Mb+AyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:TWaZWvjIy5YPvwzn7N/rTAYAZK6jyw

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-08-19_4b0164ded11770b99334ade496bd63d0_avoslocker
- Size
  
  4.5MB
- MD5
  
  4b0164ded11770b99334ade496bd63d0
- SHA1
  
  371f4ceaa56fb4d1a9517fee3fb6ef738837c950
- SHA256
  
  2cf546e1719bc3b85322e6d900eb1e51366b9764931a776293239546da0894e8
- SHA512
  
  ec65cd784fa077a942899c6363668ebf69dc70e815e4488e5250a8e44abd138d9070b39b7f5727df63f55bf514000a1a96676f0b8013fea2b6e18ef82d9b82e7
- SSDEEP
  
  98304:TWqq+Mb+AyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:TWaZWvjIy5YPvwzn7N/rTAYAZK6jyw
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan