Overview

overview

10

Static

static

56a7b8c46d...87.exe

windows7-x64

10

56a7b8c46d...87.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    56a7b8c46d8d560af4eab48ac719bbaf705c2321135c6de5b63a8371ccbab887

  • Size

    321KB

  • Sample

    220725-cjgf3aadhn

  • MD5

    715807c03ffde97cecc0962135c470fd

  • SHA1

    722712c2ef0fcb53229b12fe5bdadcda77ac457e

  • SHA256

    56a7b8c46d8d560af4eab48ac719bbaf705c2321135c6de5b63a8371ccbab887

  • SHA512

    ca356f8f90d9b02c4993e39e955f60c545c589038c770172ff789eb3ec10420f06bc4367b4decda1eff5b0cd793cbbd258854d409321b75a0f934d28d8a40618

Score
10/10
discoverysuricata

Malware Config

Targets

    • Target

      56a7b8c46d8d560af4eab48ac719bbaf705c2321135c6de5b63a8371ccbab887

    • Size

      321KB

    • MD5

      715807c03ffde97cecc0962135c470fd

    • SHA1

      722712c2ef0fcb53229b12fe5bdadcda77ac457e

    • SHA256

      56a7b8c46d8d560af4eab48ac719bbaf705c2321135c6de5b63a8371ccbab887

    • SHA512

      ca356f8f90d9b02c4993e39e955f60c545c589038c770172ff789eb3ec10420f06bc4367b4decda1eff5b0cd793cbbd258854d409321b75a0f934d28d8a40618

    Score
    10/10
    discoverysuricata

    • suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole

      suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole

      suricata

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

Peripheral Device Discovery

1
T1120

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks