565ef8b72d613d945408457d5247a9915cc4c4b4136e23cde63773fbbf06625d | Triage

Sharing

General

Target

565ef8b72d613d945408457d5247a9915cc4c4b4136e23cde63773fbbf06625d
Size

255KB
Sample

220725-eck7sadfbn
MD5

74066639e95a3febead6b1f8f7358098
SHA1

66e16c48c21d6f8cd880a23ab998e8f833dabc48
SHA256

565ef8b72d613d945408457d5247a9915cc4c4b4136e23cde63773fbbf06625d
SHA512

a92b6020e7d4285578c63aab5b08fcc57f23a5fc6c0eb8d342ca878d1583bfee396c16f2fcccd4e6c9e65c69f968acb6b0a148c8ab89ba42e2c2170e5308729f

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  565ef8b72d613d945408457d5247a9915cc4c4b4136e23cde63773fbbf06625d
- Size
  
  255KB
- MD5
  
  74066639e95a3febead6b1f8f7358098
- SHA1
  
  66e16c48c21d6f8cd880a23ab998e8f833dabc48
- SHA256
  
  565ef8b72d613d945408457d5247a9915cc4c4b4136e23cde63773fbbf06625d
- SHA512
  
  a92b6020e7d4285578c63aab5b08fcc57f23a5fc6c0eb8d342ca878d1583bfee396c16f2fcccd4e6c9e65c69f968acb6b0a148c8ab89ba42e2c2170e5308729f
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2