38db7683a3f2057d97684f77ac4045c1e8279086d9e7493624877734d709e7e3 | Triage

Sharing

General

Target

38db7683a3f2057d97684f77ac4045c1e8279086d9e7493624877734d709e7e3
Size

1.6MB
Sample

220521-af98vsabh3
MD5

c339c8c591c902efd803ad56f1aabf47
SHA1

bf94247b3f607794d5bbe4f295d1e8ca5ced8b32
SHA256

38db7683a3f2057d97684f77ac4045c1e8279086d9e7493624877734d709e7e3
SHA512

0e353d57738931fba87ef4351b1435459dff234830c5e53d4f84a4ce1ffd877f0c8bcfb872002ee47e44e0e73dfc0cd14f72e3cf4f798a028ed508032ebfbcb4

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  38db7683a3f2057d97684f77ac4045c1e8279086d9e7493624877734d709e7e3
- Size
  
  1.6MB
- MD5
  
  c339c8c591c902efd803ad56f1aabf47
- SHA1
  
  bf94247b3f607794d5bbe4f295d1e8ca5ced8b32
- SHA256
  
  38db7683a3f2057d97684f77ac4045c1e8279086d9e7493624877734d709e7e3
- SHA512
  
  0e353d57738931fba87ef4351b1435459dff234830c5e53d4f84a4ce1ffd877f0c8bcfb872002ee47e44e0e73dfc0cd14f72e3cf4f798a028ed508032ebfbcb4
Score

7^/10

evasion
- Deletes itself
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2