6eca59602c2fc088519450b7bd6c43fb117908e17d37ad783718de41716771cf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-30_c3203cf9be0fdda4aa1d47efcbfc932e_avoslocker
Size

4.5MB
Sample

240930-hny5ka1enp
MD5

c3203cf9be0fdda4aa1d47efcbfc932e
SHA1

a9fd0b7480c99fe91654780010cadb69455c917d
SHA256

6eca59602c2fc088519450b7bd6c43fb117908e17d37ad783718de41716771cf
SHA512

dd1f2514d85220afea5f451e9a8857043ea422b30ca21cc4749a7580328e0e4a02da0ad9e3ae759c44a2f6c5b139310e8be8073c2efabffae2b485ded24bcaf2
SSDEEP

98304:bWqq+Mb+syWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnww:bWaFWvjIy5YPvwzn7N/rTAYAZK6jyww

Score

7^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-09-30_c3203cf9be0fdda4aa1d47efcbfc932e_avoslocker
- Size
  
  4.5MB
- MD5
  
  c3203cf9be0fdda4aa1d47efcbfc932e
- SHA1
  
  a9fd0b7480c99fe91654780010cadb69455c917d
- SHA256
  
  6eca59602c2fc088519450b7bd6c43fb117908e17d37ad783718de41716771cf
- SHA512
  
  dd1f2514d85220afea5f451e9a8857043ea422b30ca21cc4749a7580328e0e4a02da0ad9e3ae759c44a2f6c5b139310e8be8073c2efabffae2b485ded24bcaf2
- SSDEEP
  
  98304:bWqq+Mb+syWvjIy5YFWAvwzn7Nx99JEIjFMm2Va/5AZK6j0xnww:bWaFWvjIy5YPvwzn7N/rTAYAZK6jyww
Score

7^/10

discovery evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan