5652b2b2b853686ff9c87362bfd17d93c521b5407d75f6b02be51e8e6eb349f1 | Triage

Sharing

General

Target

5652b2b2b853686ff9c87362bfd17d93c521b5407d75f6b02be51e8e6eb349f1
Size

345KB
Sample

220725-eqxgzaeccp
MD5

5f7d946541213c42739761c44ec65d3f
SHA1

f6554af9040673bfb8fbae1d94a20847d8136656
SHA256

5652b2b2b853686ff9c87362bfd17d93c521b5407d75f6b02be51e8e6eb349f1
SHA512

6cd0b389f52fd56839c4473b47a352ae7b4bec35d41fe8e083f8587895528f65e2fb829848c203c0d65d1508edbc300368bac8326e04a6a516c5914e9a2fc73b

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  5652b2b2b853686ff9c87362bfd17d93c521b5407d75f6b02be51e8e6eb349f1
- Size
  
  345KB
- MD5
  
  5f7d946541213c42739761c44ec65d3f
- SHA1
  
  f6554af9040673bfb8fbae1d94a20847d8136656
- SHA256
  
  5652b2b2b853686ff9c87362bfd17d93c521b5407d75f6b02be51e8e6eb349f1
- SHA512
  
  6cd0b389f52fd56839c4473b47a352ae7b4bec35d41fe8e083f8587895528f65e2fb829848c203c0d65d1508edbc300368bac8326e04a6a516c5914e9a2fc73b
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2