fa9a523f5750d6f412ea2e12fd75d73771627999d3a2b82e1a64de0938ff5ec9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-18_ab8fbc6ddaa3dee33e8dc2ef13366682_avoslocker
Size

4.5MB
Sample

240918-ywezna1gjq
MD5

ab8fbc6ddaa3dee33e8dc2ef13366682
SHA1

77db73e45f64e85c9cd82b84b227828d60bf873f
SHA256

fa9a523f5750d6f412ea2e12fd75d73771627999d3a2b82e1a64de0938ff5ec9
SHA512

0f122620db30f5905cdf4dd235f0dc222b972d92b9a6f5554083f12ea6aa44ea0964609744b83fceba183cae1c7e800f39ca0fafd550961a24acf54ff408b0e2
SSDEEP

98304:MWqq+Mb+oyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnwz:MWahWvjIy5YPvwzn7N/rTAYAZK6jywz

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-09-18_ab8fbc6ddaa3dee33e8dc2ef13366682_avoslocker
- Size
  
  4.5MB
- MD5
  
  ab8fbc6ddaa3dee33e8dc2ef13366682
- SHA1
  
  77db73e45f64e85c9cd82b84b227828d60bf873f
- SHA256
  
  fa9a523f5750d6f412ea2e12fd75d73771627999d3a2b82e1a64de0938ff5ec9
- SHA512
  
  0f122620db30f5905cdf4dd235f0dc222b972d92b9a6f5554083f12ea6aa44ea0964609744b83fceba183cae1c7e800f39ca0fafd550961a24acf54ff408b0e2
- SSDEEP
  
  98304:MWqq+Mb+oyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnwz:MWahWvjIy5YPvwzn7N/rTAYAZK6jywz
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan