General
Target: Quote_45893216_33661100.zip
Size: 19KB
Sample: 210421-8ff9x3q9ds
MD5: d686d901b643c73fc0f5e513866c7f26
SHA1: e5ebfa73ae95f090c9f741a4c01eb47adedd8c79
SHA256: ee7e97a138919f82d0161cea181a245cd18b5b5af6f7ead3a79d471faff1c712
SHA512: eaf3a80cc9199b76ba8447fcf2ab0d2cd41366cc60d01585c9dc1355d7d683cfa8ce62a8d663b464bff5ffecacac45ac45598a25c070c2200299cb3217b440aa
Static task: static1
Behavioral task: behavioral1
  Sample: Quote_45893216_33661100.exe
  Resource: win7v20210410
Behavioral task: behavioral2
  Sample: Quote_45893216_33661100.exe
  Resource: win10v20210408
Malware Config
Targets
Target: Quote_45893216_33661100.exe
Size: 41KB
MD5: 49472c72b43392ff15b276e7fa2b06f0
SHA1: 2f477723cff77c758e3e7e523956fd2a40230559
SHA256: 183deb437b9c1908c61337b4e8cd2dc24625a542a57f5165ac0022da0a67751a
SHA512: e9615b0f6861dcbd196e1620f289e80f0ad0efafb78417d0c4cd5b354a2cdbb198c9c49e5f6d93fc042cb6c28857605a4e8cfb67435261571f3f569220bd2f58
Score: 10/10
Looks for VirtualBox Guest Additions in registry
Nirsoft
Executes dropped EXE
Looks for VMWare Tools registry key
Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
Drops startup file
Loads dropped DLL
Adds Run key to start application
Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
MITRE ATT&CK Matrix (ATT&CK v6)
Defense Evasion
  Modify Registry (7)
  Disabling Security Tools (4)
  Bypass User Account Control (1)
  Virtualization/Sandbox Evasion (2)
  Install Root Certificate (1)