2b1fca990a02eedabeb83e8ec4f3064bff738eddd52fcac9a3b4de28b5b22016 | Triage

Sharing

General

Target

2024-08-21_5cf5dad64805f6d50a937b69735a0af8_avoslocker
Size

4.5MB
Sample

240821-ljvs5a1crf
MD5

5cf5dad64805f6d50a937b69735a0af8
SHA1

f468179efd2e85874a1b93b54d3b0ed462704b0f
SHA256

2b1fca990a02eedabeb83e8ec4f3064bff738eddd52fcac9a3b4de28b5b22016
SHA512

f79dd41227bc6d6bca4cefc7c445b31f72a3b4c6ac3ce2c1992be1845a26ef0212c95c2aa812fa49b7f8a4a4c5bb39531234dcff221b24c40158b616a3d82293
SSDEEP

98304:rWqq+Mb+fyWvHIy5YFWAvwznUYxSMaLZDvYSYJ2LiUvwRRNsknw:rWaKWvHIy5YPvwzn/sZDPm2mUvwRRmkw

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-08-21_5cf5dad64805f6d50a937b69735a0af8_avoslocker
- Size
  
  4.5MB
- MD5
  
  5cf5dad64805f6d50a937b69735a0af8
- SHA1
  
  f468179efd2e85874a1b93b54d3b0ed462704b0f
- SHA256
  
  2b1fca990a02eedabeb83e8ec4f3064bff738eddd52fcac9a3b4de28b5b22016
- SHA512
  
  f79dd41227bc6d6bca4cefc7c445b31f72a3b4c6ac3ce2c1992be1845a26ef0212c95c2aa812fa49b7f8a4a4c5bb39531234dcff221b24c40158b616a3d82293
- SSDEEP
  
  98304:rWqq+Mb+fyWvHIy5YFWAvwznUYxSMaLZDvYSYJ2LiUvwRRNsknw:rWaKWvHIy5YPvwzn/sZDPm2mUvwRRmkw
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan