44b7767e90c9a7d83b3f9e42789ecb9e008cd53224c83333f82220d7f26e631b | Triage

Sharing

General

Target

2024-08-26_2530b8feac696c079e304a3462804517_avoslocker
Size

4.5MB
Sample

240826-bem8dawbrg
MD5

2530b8feac696c079e304a3462804517
SHA1

5a3d6a2231fc4be82969b19408792965daf7acf4
SHA256

44b7767e90c9a7d83b3f9e42789ecb9e008cd53224c83333f82220d7f26e631b
SHA512

fb603d0406ad468bb623eddf02358ad95f50269a18f2d971f92922c15610061fbd734a9473cc05ce71b754bd4d532a42e4ef75229eedf4e81917331beae84c92
SSDEEP

98304:XWqq+Mb+5yWv/Iy5YFWAvwznIdcwmIOQqjdkipazHMFnPVXhinw:XWaUWv/Iy5YPvwznomKdipazsNPdhiw

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-08-26_2530b8feac696c079e304a3462804517_avoslocker
- Size
  
  4.5MB
- MD5
  
  2530b8feac696c079e304a3462804517
- SHA1
  
  5a3d6a2231fc4be82969b19408792965daf7acf4
- SHA256
  
  44b7767e90c9a7d83b3f9e42789ecb9e008cd53224c83333f82220d7f26e631b
- SHA512
  
  fb603d0406ad468bb623eddf02358ad95f50269a18f2d971f92922c15610061fbd734a9473cc05ce71b754bd4d532a42e4ef75229eedf4e81917331beae84c92
- SSDEEP
  
  98304:XWqq+Mb+5yWv/Iy5YFWAvwznIdcwmIOQqjdkipazHMFnPVXhinw:XWaUWv/Iy5YPvwznomKdipazsNPdhiw
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan