56e513ef36c46d14e199eb96706aa42cfbcebc7ac8897bfcd26cf53893eafa01 | Triage

Sharing

General

Target

56e513ef36c46d14e199eb96706aa42cfbcebc7ac8897bfcd26cf53893eafa01
Size

257KB
Sample

220725-brm35shbdp
MD5

7c65e80b914e89ef4d66d9a11da8810a
SHA1

87db4d7e89f3034a1e5ca2a81e903db4c803b3c0
SHA256

56e513ef36c46d14e199eb96706aa42cfbcebc7ac8897bfcd26cf53893eafa01
SHA512

254c00a1edb54a8872096e0334175b8914d7cdb06c6a5657cb0f6a661fa9ad1ee404744272a30ac8e1337fbf005bed5d549c657b1684b25ffd6b04e62ba6bf48

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  56e513ef36c46d14e199eb96706aa42cfbcebc7ac8897bfcd26cf53893eafa01
- Size
  
  257KB
- MD5
  
  7c65e80b914e89ef4d66d9a11da8810a
- SHA1
  
  87db4d7e89f3034a1e5ca2a81e903db4c803b3c0
- SHA256
  
  56e513ef36c46d14e199eb96706aa42cfbcebc7ac8897bfcd26cf53893eafa01
- SHA512
  
  254c00a1edb54a8872096e0334175b8914d7cdb06c6a5657cb0f6a661fa9ad1ee404744272a30ac8e1337fbf005bed5d549c657b1684b25ffd6b04e62ba6bf48
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2