d3f954b1db8519a8a21058915bd9053afa1fac9d30c7596e817f3cda66ec2a42 | Triage

Sharing

General

Target

2024-09-30_4079949cf5b7aac0810938d048bf5fd0_avoslocker
Size

4.5MB
Sample

240930-e1d4daxhmj
MD5

4079949cf5b7aac0810938d048bf5fd0
SHA1

44a79c437548146b5e282f1c5e3913fdfe83c25f
SHA256

d3f954b1db8519a8a21058915bd9053afa1fac9d30c7596e817f3cda66ec2a42
SHA512

874e137d66b15b935fc08a01f7b4a7ea6fd0f36897d147272c0f74ef44a3fc1eb31497c7d35ceb8b9c1f5c2ce445d8154cb4ecca5d5aec8daf305be4fb8a0902
SSDEEP

98304:lWqq+Mb+TyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnwb:lWaeWvjIy5YPvwzn7N/rTAYAZK6jywb

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-09-30_4079949cf5b7aac0810938d048bf5fd0_avoslocker
- Size
  
  4.5MB
- MD5
  
  4079949cf5b7aac0810938d048bf5fd0
- SHA1
  
  44a79c437548146b5e282f1c5e3913fdfe83c25f
- SHA256
  
  d3f954b1db8519a8a21058915bd9053afa1fac9d30c7596e817f3cda66ec2a42
- SHA512
  
  874e137d66b15b935fc08a01f7b4a7ea6fd0f36897d147272c0f74ef44a3fc1eb31497c7d35ceb8b9c1f5c2ce445d8154cb4ecca5d5aec8daf305be4fb8a0902
- SSDEEP
  
  98304:lWqq+Mb+TyWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnwb:lWaeWvjIy5YPvwzn7N/rTAYAZK6jywb
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan