6771d8d0431034fdd65f892475bfb38597457ccb65a7b2d46dd37579e22ebd4d | Triage

Submit
Reports

Overview

overview

8

Static

static

tasks_196.vir.exe

windows7_x64

8

tasks_196.vir.exe

windows10_x64

8

Sharing

General

Target

tasks_196.vir
Size

229KB
Sample

200719-9cj93l6mrs
MD5

5bfda10184fb2ea0246db7f121bb9b22
SHA1

b22541ca672cb19b440e222133da6f220fa9027e
SHA256

6771d8d0431034fdd65f892475bfb38597457ccb65a7b2d46dd37579e22ebd4d
SHA512

08bfa9e2ac0ae48186fb7705da0a4ac80a9d10e131d4cccee1624f93cdc2d3c6878e81130c173171c8decc4ec8db4d46bfa225c513f518cf6d51b33907f1dbb0

Score

8^/10

evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

tasks_196.vir.exe

Resource

win7

persistence evasion trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

tasks_196.vir.exe

Resource

win10v200430

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  tasks_196.vir
- Size
  
  229KB
- MD5
  
  5bfda10184fb2ea0246db7f121bb9b22
- SHA1
  
  b22541ca672cb19b440e222133da6f220fa9027e
- SHA256
  
  6771d8d0431034fdd65f892475bfb38597457ccb65a7b2d46dd37579e22ebd4d
- SHA512
  
  08bfa9e2ac0ae48186fb7705da0a4ac80a9d10e131d4cccee1624f93cdc2d3c6878e81130c173171c8decc4ec8db4d46bfa225c513f518cf6d51b33907f1dbb0
Score

8^/10

persistence evasion trojan
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistenceevasiontrojan

behavioral2

© 2018-2024

Terms | Privacy