11bc80c4cb2db09acba55b98c8ea802f069f15c4cef0d64c5057710d83288e84 | Triage

Sharing

General

Target

2024-09-12_8ebc461dbb819de71f52b3984352b6d6_avoslocker
Size

4.5MB
Sample

240912-nn4b6stcne
MD5

8ebc461dbb819de71f52b3984352b6d6
SHA1

77bb92f932c16c006888d04947349e10bb36300c
SHA256

11bc80c4cb2db09acba55b98c8ea802f069f15c4cef0d64c5057710d83288e84
SHA512

aefd3e2fad271154fee79144b452f6d1e85d94500d0c539c6dcc8f1e623a7657d0b705ac32d58d092b16eb56dda477d2014531cf0f4957a6810ca42a44e0a391
SSDEEP

98304:4Wqq+Mb+OyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw+:4WafWvjIy5YPvwzn7N/rTAYAZK6jyw+

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-09-12_8ebc461dbb819de71f52b3984352b6d6_avoslocker
- Size
  
  4.5MB
- MD5
  
  8ebc461dbb819de71f52b3984352b6d6
- SHA1
  
  77bb92f932c16c006888d04947349e10bb36300c
- SHA256
  
  11bc80c4cb2db09acba55b98c8ea802f069f15c4cef0d64c5057710d83288e84
- SHA512
  
  aefd3e2fad271154fee79144b452f6d1e85d94500d0c539c6dcc8f1e623a7657d0b705ac32d58d092b16eb56dda477d2014531cf0f4957a6810ca42a44e0a391
- SSDEEP
  
  98304:4Wqq+Mb+OyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnw+:4WafWvjIy5YPvwzn7N/rTAYAZK6jyw+
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan