a48c431e17fba7c0c92c3025d947f8584e9711047cf84b29772df045c0d7dc0f | Triage

Sharing

General

Target

2024-09-04_144c66a4e69c2dc52435e5a39d4e226f_avoslocker
Size

4.5MB
Sample

240904-1ltq6sxhqb
MD5

144c66a4e69c2dc52435e5a39d4e226f
SHA1

7fe972d021e2dbc774edfdccdaa1659aa1c63b6a
SHA256

a48c431e17fba7c0c92c3025d947f8584e9711047cf84b29772df045c0d7dc0f
SHA512

9ffdef0ae7d75973ad34d44e0201e184cfdcb8cb0f45b441ae98f5a190572c30be9af11f60ce4cb57f206c93f1ff028a15bb6e751441e3a5f60010cf1539202c
SSDEEP

98304:WWqq+Mb+AyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnwc:WWaZWvjIy5YPvwzn7N/rTAYAZK6jywc

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-09-04_144c66a4e69c2dc52435e5a39d4e226f_avoslocker
- Size
  
  4.5MB
- MD5
  
  144c66a4e69c2dc52435e5a39d4e226f
- SHA1
  
  7fe972d021e2dbc774edfdccdaa1659aa1c63b6a
- SHA256
  
  a48c431e17fba7c0c92c3025d947f8584e9711047cf84b29772df045c0d7dc0f
- SHA512
  
  9ffdef0ae7d75973ad34d44e0201e184cfdcb8cb0f45b441ae98f5a190572c30be9af11f60ce4cb57f206c93f1ff028a15bb6e751441e3a5f60010cf1539202c
- SSDEEP
  
  98304:WWqq+Mb+AyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnwc:WWaZWvjIy5YPvwzn7N/rTAYAZK6jywc
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan