b61991e6b19229de40323d7e15e1b710a9e7f5fafe5d0ebdfc08918e373967d3 | Triage

Sharing

General

Target

b61991e6b19229de40323d7e15e1b710a9e7f5fafe5d0ebdfc08918e373967d3
Size

33KB
Sample

191025-8ddaw5e4we
MD5

76d9c9d7a779005f6caeaa72dbdde445
SHA1

34efc6312c7bff374563b1e429e2e29b5da119c2
SHA256

b61991e6b19229de40323d7e15e1b710a9e7f5fafe5d0ebdfc08918e373967d3
SHA512

cbd904cc51180733b95ba1195b65c673d44ab114255e3bde0785f6aa8f54d9739f6c32fbda5ee3eafa3f45f19736e7c62819247eacefd93c7d85da5ab0c2c73f

Score

7^/10

Malware Config

Targets

- Target
  
  b61991e6b19229de40323d7e15e1b710a9e7f5fafe5d0ebdfc08918e373967d3
- Size
  
  33KB
- MD5
  
  76d9c9d7a779005f6caeaa72dbdde445
- SHA1
  
  34efc6312c7bff374563b1e429e2e29b5da119c2
- SHA256
  
  b61991e6b19229de40323d7e15e1b710a9e7f5fafe5d0ebdfc08918e373967d3
- SHA512
  
  cbd904cc51180733b95ba1195b65c673d44ab114255e3bde0785f6aa8f54d9739f6c32fbda5ee3eafa3f45f19736e7c62819247eacefd93c7d85da5ab0c2c73f
Score

7^/10
- Windows security modification
  evasion trojan
- Maps connected drives based on registry (likely anti-VM)
- Checks system information in the registry (likely anti-VM)
- Modifies service
  persistence
task1 task2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

task1

task2