3baafda6c48627691d843e547f4bbb0591f8351cf8775cb9a0abf6272312ff61 | Triage

Sharing

General

Target

3baafda6c48627691d843e547f4bbb0591f8351cf8775cb9a0abf6272312ff61N.exe
Size

797KB
Sample

240927-geyl1a1bmd
MD5

eb56401f38c13069475ed928637a3ad0
SHA1

22e326efff5a3c60cd3937f740aca74e97cfb09a
SHA256

3baafda6c48627691d843e547f4bbb0591f8351cf8775cb9a0abf6272312ff61
SHA512

60a3a3b6391c0133e41b05a7245355316127426e81b5f83456a6f417e8bb043ac040a26e45aa162b665836aaee904e811734ea56d7b13a1f058c39300e9894bf
SSDEEP

12288:R85EaY+n2KGBS3H514ZfX4yemLd0gXLAlEZui+XGTQ70NtBWggHtm3U:R0Yn03UZ/Xd9LAlExd+GtBWggI3U

Score

7^/10

discovery evasion persistence privilege_escalation trojan

Malware Config

Targets

- Target
  
  3baafda6c48627691d843e547f4bbb0591f8351cf8775cb9a0abf6272312ff61N.exe
- Size
  
  797KB
- MD5
  
  eb56401f38c13069475ed928637a3ad0
- SHA1
  
  22e326efff5a3c60cd3937f740aca74e97cfb09a
- SHA256
  
  3baafda6c48627691d843e547f4bbb0591f8351cf8775cb9a0abf6272312ff61
- SHA512
  
  60a3a3b6391c0133e41b05a7245355316127426e81b5f83456a6f417e8bb043ac040a26e45aa162b665836aaee904e811734ea56d7b13a1f058c39300e9894bf
- SSDEEP
  
  12288:R85EaY+n2KGBS3H514ZfX4yemLd0gXLAlEZui+XGTQ70NtBWggHtm3U:R0Yn03UZ/Xd9LAlExd+GtBWggI3U
Score

7^/10

discovery evasion persistence privilege_escalation trojan
- Event Triggered Execution: Component Object Model Hijacking
  Adversaries may establish persistence by executing malicious content triggered by hijacked references to Component Object Model (COM) objects.
  persistence privilege_escalation
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Component Object Model Hijacking

Privilege Escalation

Event Triggered Execution

Component Object Model Hijacking

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistenceprivilege_escalationtrojan

behavioral2

discoveryevasionpersistenceprivilege_escalationtrojan