56799f1daa228d51a76da138321f2680f4f146446783201b3ff88b0936223a0c | Triage

Sharing

General

Target

56799f1daa228d51a76da138321f2680f4f146446783201b3ff88b0936223a0c
Size

2.0MB
Sample

220725-dm47zacdfl
MD5

5f859a0dd3f34bc1cfee3050fe7cea35
SHA1

ba48ba0602cad6dda16979b6af30a41ee6cc0410
SHA256

56799f1daa228d51a76da138321f2680f4f146446783201b3ff88b0936223a0c
SHA512

ec39b5c73163db57455448fa165f94c9fd8f24acf8db004d512da92e4fecedf121a08f4cd2c63eb4eae1bc7c77f6e2343af890e9d491464da7417f5ebb2366b5

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  56799f1daa228d51a76da138321f2680f4f146446783201b3ff88b0936223a0c
- Size
  
  2.0MB
- MD5
  
  5f859a0dd3f34bc1cfee3050fe7cea35
- SHA1
  
  ba48ba0602cad6dda16979b6af30a41ee6cc0410
- SHA256
  
  56799f1daa228d51a76da138321f2680f4f146446783201b3ff88b0936223a0c
- SHA512
  
  ec39b5c73163db57455448fa165f94c9fd8f24acf8db004d512da92e4fecedf121a08f4cd2c63eb4eae1bc7c77f6e2343af890e9d491464da7417f5ebb2366b5
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2