d5e86d09d54245d37702b429367885410aa741c73d73d9ca1ed2f25a1c1618c4 | Triage

Sharing

General

Target

2024-09-13_2048f4ea72ea98ad956e9059e5183572_avoslocker_hijackloader
Size

4.5MB
Sample

240913-nlbjdazakn
MD5

2048f4ea72ea98ad956e9059e5183572
SHA1

ac2a381f0f70988cb3805c3cf7746deedeb283c1
SHA256

d5e86d09d54245d37702b429367885410aa741c73d73d9ca1ed2f25a1c1618c4
SHA512

84712af7a11b6f239fe8877b319c969b5f9937f67ff23e22966b8ad4fec6c95f4f388288f8d3ddefa20e9c5b1ccf6a4f92f98967095670b6ee6e534af5bb36e2
SSDEEP

98304:ZWqq+Mb+zyWv5Iy5YFWAvwznRdYacg3+SHhOq8foG+2r65l3CbnwP:ZWa+Wv5Iy5YPvwznBUSsq8W5YwP

Score

6^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-09-13_2048f4ea72ea98ad956e9059e5183572_avoslocker_hijackloader
- Size
  
  4.5MB
- MD5
  
  2048f4ea72ea98ad956e9059e5183572
- SHA1
  
  ac2a381f0f70988cb3805c3cf7746deedeb283c1
- SHA256
  
  d5e86d09d54245d37702b429367885410aa741c73d73d9ca1ed2f25a1c1618c4
- SHA512
  
  84712af7a11b6f239fe8877b319c969b5f9937f67ff23e22966b8ad4fec6c95f4f388288f8d3ddefa20e9c5b1ccf6a4f92f98967095670b6ee6e534af5bb36e2
- SSDEEP
  
  98304:ZWqq+Mb+zyWv5Iy5YFWAvwznRdYacg3+SHhOq8foG+2r65l3CbnwP:ZWa+Wv5Iy5YPvwznBUSsq8W5YwP
Score

6^/10

discovery evasion trojan
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan