5803cb436f86e0a8c1438a04a833c9425b5ddf39fd3f765d9fdae81da2535dc8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-21_10105f5a64e0ad38e424c26309b5b66a_avoslocker
Size

4.5MB
Sample

240821-bxhevaxcqm
MD5

10105f5a64e0ad38e424c26309b5b66a
SHA1

87f36eb92edde595d712c2847c1a070b39c38387
SHA256

5803cb436f86e0a8c1438a04a833c9425b5ddf39fd3f765d9fdae81da2535dc8
SHA512

58c842031f48ca122c15b69e41b6a23577299f06d9d96f9200a76e9aac5212357ca22cb5d8f37262742cd9b9a6137c894fdb4bbc8e9c955da6d627c89d281cd5
SSDEEP

98304:XWqq+Mb+syWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:XWaFWvjIy5YPvwzn7N/rTAYAZK6jyw

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-08-21_10105f5a64e0ad38e424c26309b5b66a_avoslocker
- Size
  
  4.5MB
- MD5
  
  10105f5a64e0ad38e424c26309b5b66a
- SHA1
  
  87f36eb92edde595d712c2847c1a070b39c38387
- SHA256
  
  5803cb436f86e0a8c1438a04a833c9425b5ddf39fd3f765d9fdae81da2535dc8
- SHA512
  
  58c842031f48ca122c15b69e41b6a23577299f06d9d96f9200a76e9aac5212357ca22cb5d8f37262742cd9b9a6137c894fdb4bbc8e9c955da6d627c89d281cd5
- SSDEEP
  
  98304:XWqq+Mb+syWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:XWaFWvjIy5YPvwzn7N/rTAYAZK6jyw
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan