General

  • Target

    5728b9aeb4f6852e22267456523a44d876b21e5c0bc1d254f292d6659a23dd0a

  • Size

    344KB

  • Sample

    220725-avfmssfedk

  • MD5

    652006318f9181ff30148b775d5518e6

  • SHA1

    01b410d018f94ea0d37f4deb91104cf13377edef

  • SHA256

    5728b9aeb4f6852e22267456523a44d876b21e5c0bc1d254f292d6659a23dd0a

  • SHA512

    cd0a09c1c46b4405b94ac473adf9faf4c33c17d240a6407a097e2a74e9317b8c1aa1e7fc86747e909f486ea8670eaa1ed9188f34c1a7f5d1a1b0b66c1a7093d0

Score
10/10

Malware Config

Targets

    • suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

MITRE ATT&CK Matrix (ATT&CK v6)

Discovery

  • Query Registry (T1012): 2
  • Peripheral Device Discovery (T1120): 1
  • System Information Discovery (T1082): 1

Tasks