c53eb3cc3a53a4c4bdd598d6cab0dd52e0f1c750919525e211fc54505e72e487 | Triage

Sharing

General

Target

2024-08-25_1d7fa272a6f70d34f55d41d150cfca14_avoslocker
Size

4.5MB
Sample

240825-g7byps1dpn
MD5

1d7fa272a6f70d34f55d41d150cfca14
SHA1

a4ee8887702e929a724e1bc19dd59d5ff73e06ae
SHA256

c53eb3cc3a53a4c4bdd598d6cab0dd52e0f1c750919525e211fc54505e72e487
SHA512

3a6a2e6c3ef3292e63b6f8641711d4eeda9de76837eb1d736d032ac79fe1a82be607a73608f2461ed9647b38ccb5cf53d034326d60790821a234aa784a0c3246
SSDEEP

98304:+Wqq+Mb+ryWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:+Wa2WvjIy5YPvwzn7N/rTAYAZK6jyw

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-08-25_1d7fa272a6f70d34f55d41d150cfca14_avoslocker
- Size
  
  4.5MB
- MD5
  
  1d7fa272a6f70d34f55d41d150cfca14
- SHA1
  
  a4ee8887702e929a724e1bc19dd59d5ff73e06ae
- SHA256
  
  c53eb3cc3a53a4c4bdd598d6cab0dd52e0f1c750919525e211fc54505e72e487
- SHA512
  
  3a6a2e6c3ef3292e63b6f8641711d4eeda9de76837eb1d736d032ac79fe1a82be607a73608f2461ed9647b38ccb5cf53d034326d60790821a234aa784a0c3246
- SSDEEP
  
  98304:+Wqq+Mb+ryWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:+Wa2WvjIy5YPvwzn7N/rTAYAZK6jyw
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan