de9762d8bda6584ee05a47a94a419b558711b04d05098e4a0e86483abab815d0 | Triage

Sharing

General

Target

2024-08-21_094b27982222b24504ffd3f59b8468b2_avoslocker
Size

4.5MB
Sample

240821-bvhylatckc
MD5

094b27982222b24504ffd3f59b8468b2
SHA1

3156c5b27bb98a13d25ad0d5dea2c0c86d58af29
SHA256

de9762d8bda6584ee05a47a94a419b558711b04d05098e4a0e86483abab815d0
SHA512

959f08452b48884d221186518082597dd7d6e6095baca790221eb84282fce0187df88316bbe26dadd7e7ca24021047099a755dc04e16eb1197f629a4d15ab479
SSDEEP

98304:5Wqq+Mb+lyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:5WagWvjIy5YPvwzn7N/rTAYAZK6jyw

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-08-21_094b27982222b24504ffd3f59b8468b2_avoslocker
- Size
  
  4.5MB
- MD5
  
  094b27982222b24504ffd3f59b8468b2
- SHA1
  
  3156c5b27bb98a13d25ad0d5dea2c0c86d58af29
- SHA256
  
  de9762d8bda6584ee05a47a94a419b558711b04d05098e4a0e86483abab815d0
- SHA512
  
  959f08452b48884d221186518082597dd7d6e6095baca790221eb84282fce0187df88316bbe26dadd7e7ca24021047099a755dc04e16eb1197f629a4d15ab479
- SSDEEP
  
  98304:5Wqq+Mb+lyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:5WagWvjIy5YPvwzn7N/rTAYAZK6jyw
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan