5772bc1b153c9fd2a32dcd3e350b31d86c145fb1b16d98838773f89fb41d2005 | Triage

Sharing

General

Target

5772bc1b153c9fd2a32dcd3e350b31d86c145fb1b16d98838773f89fb41d2005
Size

310KB
Sample

220724-2cyjfabaan
MD5

2a491604dc5ac8aa28a5d759cf290d89
SHA1

a242244245337e4d7794f2c6f31195a3ed0986b9
SHA256

5772bc1b153c9fd2a32dcd3e350b31d86c145fb1b16d98838773f89fb41d2005
SHA512

32059fb37b59d275943de80cd81b9b9e62792976c898cb10ee47ca6385075ffa723af02e82a4c9110d7e40e63c88a7c4a7ebf38e9e2fc79ddfe095aa8ed6fced

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  5772bc1b153c9fd2a32dcd3e350b31d86c145fb1b16d98838773f89fb41d2005
- Size
  
  310KB
- MD5
  
  2a491604dc5ac8aa28a5d759cf290d89
- SHA1
  
  a242244245337e4d7794f2c6f31195a3ed0986b9
- SHA256
  
  5772bc1b153c9fd2a32dcd3e350b31d86c145fb1b16d98838773f89fb41d2005
- SHA512
  
  32059fb37b59d275943de80cd81b9b9e62792976c898cb10ee47ca6385075ffa723af02e82a4c9110d7e40e63c88a7c4a7ebf38e9e2fc79ddfe095aa8ed6fced
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2