93feb9635c26ef82093b2540008acd1ab27616d6c6e24d9f2098f410f30065a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-22_7f76736ac29f9cac92cdc4be556b461c_avoslocker
Size

4.2MB
Sample

240822-bhe16sthnq
MD5

7f76736ac29f9cac92cdc4be556b461c
SHA1

ff31c410b4a04d35220b3d6a98a8a788279f1b55
SHA256

93feb9635c26ef82093b2540008acd1ab27616d6c6e24d9f2098f410f30065a3
SHA512

ee50693ed649b22ddf10f9616488ac273adeef0ddaf74a24df5faada73d840d5e2fab1a85c5acbd1f1bae616917add668bf3889af461a5c7fe0278cbc13be72d
SSDEEP

98304:Wpq/d8kCBflMyQjujDW9tBcg2jGqwwAUEmB/UzLk++qNW7XpO6WUV4VKrml1kB3o:ncW5ujyp8jGqww9Eui4++qEBWUCVKxNo

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-08-22_7f76736ac29f9cac92cdc4be556b461c_avoslocker
- Size
  
  4.2MB
- MD5
  
  7f76736ac29f9cac92cdc4be556b461c
- SHA1
  
  ff31c410b4a04d35220b3d6a98a8a788279f1b55
- SHA256
  
  93feb9635c26ef82093b2540008acd1ab27616d6c6e24d9f2098f410f30065a3
- SHA512
  
  ee50693ed649b22ddf10f9616488ac273adeef0ddaf74a24df5faada73d840d5e2fab1a85c5acbd1f1bae616917add668bf3889af461a5c7fe0278cbc13be72d
- SSDEEP
  
  98304:Wpq/d8kCBflMyQjujDW9tBcg2jGqwwAUEmB/UzLk++qNW7XpO6WUV4VKrml1kB3o:ncW5ujyp8jGqww9Eui4++qEBWUCVKxNo
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan