8da5da5c220ea0228bad20687c5accdd926df12bc2ed7cc7b3d71eea07bdc455 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-18_a1b338a63169050613156d09be5eae22_bkransomware
Size

20.6MB
Sample

241018-hs15qatbrf
MD5

a1b338a63169050613156d09be5eae22
SHA1

0a809cc73336ee42fdeda5a89bc4e1cf5e60a1ad
SHA256

8da5da5c220ea0228bad20687c5accdd926df12bc2ed7cc7b3d71eea07bdc455
SHA512

fa27d1ea4ebfcc483143757cdd7077b127cf3c541a58c006f365f200845337e4776e601cd3738ffa667424741d15dce0bf9740804a016890a981a3d8b43c4630
SSDEEP

393216:jDvjrBGFgxTX996+r32F+rDxSPv4OYcYdkc3lGWOTrjLxdYpi6uY8:jDpb/GFqIPv4Xcbc3cJjL36

Score

10^/10

discovery evasion trojan

Malware Config

Targets

- Target
  
  2024-10-18_a1b338a63169050613156d09be5eae22_bkransomware
- Size
  
  20.6MB
- MD5
  
  a1b338a63169050613156d09be5eae22
- SHA1
  
  0a809cc73336ee42fdeda5a89bc4e1cf5e60a1ad
- SHA256
  
  8da5da5c220ea0228bad20687c5accdd926df12bc2ed7cc7b3d71eea07bdc455
- SHA512
  
  fa27d1ea4ebfcc483143757cdd7077b127cf3c541a58c006f365f200845337e4776e601cd3738ffa667424741d15dce0bf9740804a016890a981a3d8b43c4630
- SSDEEP
  
  393216:jDvjrBGFgxTX996+r32F+rDxSPv4OYcYdkc3lGWOTrjLxdYpi6uY8:jDpb/GFqIPv4Xcbc3cJjL36
Score

10^/10

discovery evasion trojan
- UAC bypass
  evasion trojan
- Executes dropped EXE
- Loads dropped DLL
- Checks whether UAC is enabled
  evasion trojan
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojan

behavioral2

discoveryevasiontrojan