afe94e4b048e0030099c67010dce2fd79461eb050dcf1a441b3d5486ce8821ca | Triage

Submit
Reports

Overview

overview

8

Static

static

tasks_200.vir.exe

windows7_x64

8

tasks_200.vir.exe

windows10_x64

8

Sharing

General

Target

tasks_200.vir
Size

327KB
Sample

200719-g1kqe9j9a6
MD5

804bedbfe6ecd3d1e07b2b19ba6db60c
SHA1

9d37abde24f9781638bc7de50b484389804bd728
SHA256

afe94e4b048e0030099c67010dce2fd79461eb050dcf1a441b3d5486ce8821ca
SHA512

eb45fa0e60ca37466493333d9cfaf8c2502ef9c120000e9e91510775fffb16b76cafa1d649887f5d41a65df966198bb805be44307586e46653a8f31df3713b3f

Score

8^/10

evasion persistence trojan

Static task

static1

Behavioral task

behavioral1

Sample

tasks_200.vir.exe

Resource

win7v200430

persistence evasion trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

tasks_200.vir.exe

Resource

win10

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  tasks_200.vir
- Size
  
  327KB
- MD5
  
  804bedbfe6ecd3d1e07b2b19ba6db60c
- SHA1
  
  9d37abde24f9781638bc7de50b484389804bd728
- SHA256
  
  afe94e4b048e0030099c67010dce2fd79461eb050dcf1a441b3d5486ce8821ca
- SHA512
  
  eb45fa0e60ca37466493333d9cfaf8c2502ef9c120000e9e91510775fffb16b76cafa1d649887f5d41a65df966198bb805be44307586e46653a8f31df3713b3f
Score

8^/10

persistence evasion trojan
- Executes dropped EXE
- Deletes itself
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Checks whether UAC is enabled
  evasion trojan
- JavaScript code in executable
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

persistenceevasiontrojan

behavioral2

© 2018-2024

Terms | Privacy