565f6ba9951e559cee8528bff148ac39b930ea2a7e9e7b490e664dc47b75f4d0 | Triage

Sharing

General

Target

565f6ba9951e559cee8528bff148ac39b930ea2a7e9e7b490e664dc47b75f4d0
Size

254KB
Sample

220725-ebxjesdegq
MD5

553d2798cabd3a8441cc76b1a9557c4b
SHA1

26f79ebd58518c8b0efca8b817debf2233512b34
SHA256

565f6ba9951e559cee8528bff148ac39b930ea2a7e9e7b490e664dc47b75f4d0
SHA512

d621882da8bb64c6e0d861c480dd22d13112c491684a59071b439b535df7c10289ac4aed0cc7c6bf97ea0b9355a4d7d3610570d9e2756a20c8cb2c64212976b7

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  565f6ba9951e559cee8528bff148ac39b930ea2a7e9e7b490e664dc47b75f4d0
- Size
  
  254KB
- MD5
  
  553d2798cabd3a8441cc76b1a9557c4b
- SHA1
  
  26f79ebd58518c8b0efca8b817debf2233512b34
- SHA256
  
  565f6ba9951e559cee8528bff148ac39b930ea2a7e9e7b490e664dc47b75f4d0
- SHA512
  
  d621882da8bb64c6e0d861c480dd22d13112c491684a59071b439b535df7c10289ac4aed0cc7c6bf97ea0b9355a4d7d3610570d9e2756a20c8cb2c64212976b7
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2