57558753238a906c819534c5fdffeb0ebd9a17966a7db7527c365e8a264af217 | Triage

Sharing

General

Target

57558753238a906c819534c5fdffeb0ebd9a17966a7db7527c365e8a264af217
Size

225KB
Sample

220724-3caytadacm
MD5

1f9ba1ba28ee540fcaba6314a5960ab2
SHA1

2ae070d1e880330338f403f18b4f50ff68414605
SHA256

57558753238a906c819534c5fdffeb0ebd9a17966a7db7527c365e8a264af217
SHA512

c5bf3ba8872620803a47cca5a04f0fde03815fcdd5a9179c89bf5ce79cf13e65cc2e94ccc0d8cc311eb53204d810b90b88f79c3fad0a6667bbc8feb77dea3318

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  57558753238a906c819534c5fdffeb0ebd9a17966a7db7527c365e8a264af217
- Size
  
  225KB
- MD5
  
  1f9ba1ba28ee540fcaba6314a5960ab2
- SHA1
  
  2ae070d1e880330338f403f18b4f50ff68414605
- SHA256
  
  57558753238a906c819534c5fdffeb0ebd9a17966a7db7527c365e8a264af217
- SHA512
  
  c5bf3ba8872620803a47cca5a04f0fde03815fcdd5a9179c89bf5ce79cf13e65cc2e94ccc0d8cc311eb53204d810b90b88f79c3fad0a6667bbc8feb77dea3318
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2