585d07b1eca8692412d1adbb74dc3b9986c4ad2c91ebcee8a678ded763a71d9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-05_bb7a570c0e495ac43b7ba2ba0c951a0a_avoslocker
Size

4.5MB
Sample

240905-l836ssyajr
MD5

bb7a570c0e495ac43b7ba2ba0c951a0a
SHA1

1b524b84ab324a3f5a2ed2bee4f6d21596385fca
SHA256

585d07b1eca8692412d1adbb74dc3b9986c4ad2c91ebcee8a678ded763a71d9c
SHA512

869655c7b1845afda10b2c3524481d1de587bf7a83b1f3383ae66f05397840079ca8a27560c676e9e5a90439c2f4bc780a325a209b4b7f09f5a1243979d2bb4d
SSDEEP

98304:4Wqq+Mb+GyWvHIy5YFWAvwznUYxSMaLZDvYSYJ2LiUvwRRNsknw6:4Wa3WvHIy5YPvwzn/sZDPm2mUvwRRmkp

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-09-05_bb7a570c0e495ac43b7ba2ba0c951a0a_avoslocker
- Size
  
  4.5MB
- MD5
  
  bb7a570c0e495ac43b7ba2ba0c951a0a
- SHA1
  
  1b524b84ab324a3f5a2ed2bee4f6d21596385fca
- SHA256
  
  585d07b1eca8692412d1adbb74dc3b9986c4ad2c91ebcee8a678ded763a71d9c
- SHA512
  
  869655c7b1845afda10b2c3524481d1de587bf7a83b1f3383ae66f05397840079ca8a27560c676e9e5a90439c2f4bc780a325a209b4b7f09f5a1243979d2bb4d
- SSDEEP
  
  98304:4Wqq+Mb+GyWvHIy5YFWAvwznUYxSMaLZDvYSYJ2LiUvwRRNsknw6:4Wa3WvHIy5YPvwzn/sZDPm2mUvwRRmkp
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan