5703ae1699a05c4ba28fb2bdc425d5cd8a3c74841a40d56deb3b4bf361fb9992 | Triage

Sharing

General

Target

5703ae1699a05c4ba28fb2bdc425d5cd8a3c74841a40d56deb3b4bf361fb9992
Size

376KB
Sample

220725-bc1qpagdgn
MD5

3c76a1a304e2404a5212715d4a3c4e15
SHA1

25141f45bb840063002909461d72d6a39f657a91
SHA256

5703ae1699a05c4ba28fb2bdc425d5cd8a3c74841a40d56deb3b4bf361fb9992
SHA512

fbdc048651e768980684f68db59a24cb7e0704adf4ae0d3b37064705c410340d1bcf75e0163ae9ef38e10b750a302a456be441a5e77e50a9aaf005a674c830aa

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  5703ae1699a05c4ba28fb2bdc425d5cd8a3c74841a40d56deb3b4bf361fb9992
- Size
  
  376KB
- MD5
  
  3c76a1a304e2404a5212715d4a3c4e15
- SHA1
  
  25141f45bb840063002909461d72d6a39f657a91
- SHA256
  
  5703ae1699a05c4ba28fb2bdc425d5cd8a3c74841a40d56deb3b4bf361fb9992
- SHA512
  
  fbdc048651e768980684f68db59a24cb7e0704adf4ae0d3b37064705c410340d1bcf75e0163ae9ef38e10b750a302a456be441a5e77e50a9aaf005a674c830aa
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2