12b4c49eb454d5d7147b134b3d349d9ff226891218372c1be7686622ee001e68 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

abd9541901b85c98cbd0bcb0ae709180N.exe
Size

4.5MB
Sample

240905-p1mevs1djq
MD5

abd9541901b85c98cbd0bcb0ae709180
SHA1

2311500871cc4e3746cc8e846d01efaf0df9c8f7
SHA256

12b4c49eb454d5d7147b134b3d349d9ff226891218372c1be7686622ee001e68
SHA512

5ba950bd5aae63aea89eafa3929d2fc2300d212ff7b6714bfc14f8ae2627f1380e75581ce5576d84b50f8fb26569014527482d6ccee598588430a314231df7a6
SSDEEP

98304:FWqq+Mb+jyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:FWaOWvjIy5YPvwzn7N/rTAYAZK6jyw

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  abd9541901b85c98cbd0bcb0ae709180N.exe
- Size
  
  4.5MB
- MD5
  
  abd9541901b85c98cbd0bcb0ae709180
- SHA1
  
  2311500871cc4e3746cc8e846d01efaf0df9c8f7
- SHA256
  
  12b4c49eb454d5d7147b134b3d349d9ff226891218372c1be7686622ee001e68
- SHA512
  
  5ba950bd5aae63aea89eafa3929d2fc2300d212ff7b6714bfc14f8ae2627f1380e75581ce5576d84b50f8fb26569014527482d6ccee598588430a314231df7a6
- SSDEEP
  
  98304:FWqq+Mb+jyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw:FWaOWvjIy5YPvwzn7N/rTAYAZK6jyw
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan