573ffea235968eeef2e29e2ddb79ee78015733e905b21c8d9925cd6eb58e5309 | Triage

Sharing

General

Target

573ffea235968eeef2e29e2ddb79ee78015733e905b21c8d9925cd6eb58e5309
Size

309KB
Sample

220725-acs56sefdp
MD5

40bb0c19f432853310655d8eb2381873
SHA1

90088f9a95a13231bfc83a577cb8c4941b6ecb50
SHA256

573ffea235968eeef2e29e2ddb79ee78015733e905b21c8d9925cd6eb58e5309
SHA512

c74126777a41b0ff7a6550f8ef475ca95842d2f56161226e622a3fbe3728f598e2d95a3933f08ddc5cb6f824eccf0c3d000b487e37c32ebe32d15d0502135f1f

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  573ffea235968eeef2e29e2ddb79ee78015733e905b21c8d9925cd6eb58e5309
- Size
  
  309KB
- MD5
  
  40bb0c19f432853310655d8eb2381873
- SHA1
  
  90088f9a95a13231bfc83a577cb8c4941b6ecb50
- SHA256
  
  573ffea235968eeef2e29e2ddb79ee78015733e905b21c8d9925cd6eb58e5309
- SHA512
  
  c74126777a41b0ff7a6550f8ef475ca95842d2f56161226e622a3fbe3728f598e2d95a3933f08ddc5cb6f824eccf0c3d000b487e37c32ebe32d15d0502135f1f
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2