f6089cff4029cfa2ba5d8424ab3f6a220b63bdc4f02c27a773c1c6ed3a3701fe | Triage

Sharing

General

Target

2024-08-24_3411fdd3b70712bc9b7eea5b07a986b6_avoslocker
Size

4.5MB
Sample

240824-as7cqsxflj
MD5

3411fdd3b70712bc9b7eea5b07a986b6
SHA1

b65461ff5386a858888a6ca0e2a733ef3b5140ab
SHA256

f6089cff4029cfa2ba5d8424ab3f6a220b63bdc4f02c27a773c1c6ed3a3701fe
SHA512

c75a98d242acd314788d052b3041e3c7f41af21e2d44e62ef321ae8341f0812782271b6dae6be3915333a1d9f4c71c1bc09df3230bea17ee4c45988c24920726
SSDEEP

98304:0Wqq+Mb+QyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:0WaJWvjIy5YPvwzn7N/rTAYAZK6jyw

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-08-24_3411fdd3b70712bc9b7eea5b07a986b6_avoslocker
- Size
  
  4.5MB
- MD5
  
  3411fdd3b70712bc9b7eea5b07a986b6
- SHA1
  
  b65461ff5386a858888a6ca0e2a733ef3b5140ab
- SHA256
  
  f6089cff4029cfa2ba5d8424ab3f6a220b63bdc4f02c27a773c1c6ed3a3701fe
- SHA512
  
  c75a98d242acd314788d052b3041e3c7f41af21e2d44e62ef321ae8341f0812782271b6dae6be3915333a1d9f4c71c1bc09df3230bea17ee4c45988c24920726
- SSDEEP
  
  98304:0Wqq+Mb+QyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:0WaJWvjIy5YPvwzn7N/rTAYAZK6jyw
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan