General

  • Target

    bảng báo giá.exe

  • Size

    550KB

  • Sample

    200709-t15pj3tysn

  • MD5

    355d59a43d4f1a80187564d0c9145ad9

  • SHA1

    d4d3ed132d4bf6782ab4b48a9020e5427133850f

  • SHA256

    f782488d6cffc08636ce326d9ab116f99c7abb7a6ced4391f9341e709144d100

  • SHA512

    73f5e402ecefb4b28aeafc3a1ddfaeae5a456735d9655178e0c2c1baad6152c994e3f21cbd01471d77fd4ce896f167174822beafc3874a740e23b167e3f30491

Score
9/10

Malware Config

Targets

    • Looks for VirtualBox Guest Additions in registry

    • Looks for VMWare Tools registry key

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix (ATT&CK v6)

Execution

  • Scheduled Task (T1053): 1

Persistence

  • Scheduled Task (T1053): 1

Privilege Escalation

  • Scheduled Task (T1053): 1

Discovery

  • Query Registry (T1012): 4

  • System Information Discovery (T1082): 4

  • Peripheral Device Discovery (T1120): 1
