fa455fbe41daf5cad4c91c593ceb24a178a956bc57dbc23d8da4420233e28824 | Triage

Submit
Reports

Overview

overview

8

Static

static

tasks_186.vir.exe

windows7_x64

8

tasks_186.vir.exe

windows10_x64

1

Sharing

General

Target

tasks_186.vir
Size

216KB
Sample

200719-89crxzsx8x
MD5

227f68fac3992ae31b4a1ebc456a163b
SHA1

ff900897793414bf7b5a79f7780f63edc4d01c9c
SHA256

fa455fbe41daf5cad4c91c593ceb24a178a956bc57dbc23d8da4420233e28824
SHA512

e968c94575e71b7c156729256d7460a03dc92a0502382ea01340e6ac6fb7f5b8b07a489413cb08db7830a2e0e7730c8271b0a2fae52b071a01bbe5033efa1d3e

Score

8^/10

evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

tasks_186.vir.exe

Resource

win7

persistence evasion trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

tasks_186.vir.exe

Resource

win10v200430

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  tasks_186.vir
- Size
  
  216KB
- MD5
  
  227f68fac3992ae31b4a1ebc456a163b
- SHA1
  
  ff900897793414bf7b5a79f7780f63edc4d01c9c
- SHA256
  
  fa455fbe41daf5cad4c91c593ceb24a178a956bc57dbc23d8da4420233e28824
- SHA512
  
  e968c94575e71b7c156729256d7460a03dc92a0502382ea01340e6ac6fb7f5b8b07a489413cb08db7830a2e0e7730c8271b0a2fae52b071a01bbe5033efa1d3e
Score

8^/10

persistence evasion trojan
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistenceevasiontrojan

behavioral2

© 2018-2024

Terms | Privacy