a836f8892b542556243b12331da0670da090b7216257e5ab5c42f267e5eef645 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-29_d9f700d122e8cf49d1e2e507bce6a7a9_avoslocker
Size

4.5MB
Sample

240829-lc51hstgnd
MD5

d9f700d122e8cf49d1e2e507bce6a7a9
SHA1

997a05ef7d6010924eff263451bd5fdfc2835bb8
SHA256

a836f8892b542556243b12331da0670da090b7216257e5ab5c42f267e5eef645
SHA512

2f3b817f54e6c87e7a33ad6066c9f5e9e059e969a67bac5de6a9696dd80afa06786b9ac6db27fd0dceb242451de1e898d3bc42107e5967fbbe9aa25be7ec8c6c
SSDEEP

98304:KWqq+Mb+7yWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:KWamWvjIy5YPvwzn7N/rTAYAZK6jyw

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-08-29_d9f700d122e8cf49d1e2e507bce6a7a9_avoslocker
- Size
  
  4.5MB
- MD5
  
  d9f700d122e8cf49d1e2e507bce6a7a9
- SHA1
  
  997a05ef7d6010924eff263451bd5fdfc2835bb8
- SHA256
  
  a836f8892b542556243b12331da0670da090b7216257e5ab5c42f267e5eef645
- SHA512
  
  2f3b817f54e6c87e7a33ad6066c9f5e9e059e969a67bac5de6a9696dd80afa06786b9ac6db27fd0dceb242451de1e898d3bc42107e5967fbbe9aa25be7ec8c6c
- SSDEEP
  
  98304:KWqq+Mb+7yWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:KWamWvjIy5YPvwzn7N/rTAYAZK6jyw
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan