57757e349d16189a14afb718a4ea8cd7df5f99a68c46200cf1b432d5ee7a0178 | Triage

Sharing

General

Target

57757e349d16189a14afb718a4ea8cd7df5f99a68c46200cf1b432d5ee7a0178
Size

253KB
Sample

220724-19bv9sagcl
MD5

8ee0fc47e4236e802fcbdfdccd4d9256
SHA1

6ff2f880962d39e7adb35c9bc36feb97fc22c1ba
SHA256

57757e349d16189a14afb718a4ea8cd7df5f99a68c46200cf1b432d5ee7a0178
SHA512

5d7479eba755a09e96e7a5401727d356b52a66eeeab03958c3b71df22d2dd450d13ad0fb2e03db6ec6ae1ef73f675834e127ea264dcfa4d5189366e5891ea5c1

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  57757e349d16189a14afb718a4ea8cd7df5f99a68c46200cf1b432d5ee7a0178
- Size
  
  253KB
- MD5
  
  8ee0fc47e4236e802fcbdfdccd4d9256
- SHA1
  
  6ff2f880962d39e7adb35c9bc36feb97fc22c1ba
- SHA256
  
  57757e349d16189a14afb718a4ea8cd7df5f99a68c46200cf1b432d5ee7a0178
- SHA512
  
  5d7479eba755a09e96e7a5401727d356b52a66eeeab03958c3b71df22d2dd450d13ad0fb2e03db6ec6ae1ef73f675834e127ea264dcfa4d5189366e5891ea5c1
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2