562fc011dc0839d65f98d8a39d4e8a042966498b9489a8d741d3cfac78b8181d | Triage

Sharing

General

Target

562fc011dc0839d65f98d8a39d4e8a042966498b9489a8d741d3cfac78b8181d
Size

207KB
Sample

220725-fr516sgafn
MD5

4ae0ff18081fba1fbccd2b8acfa6b5c6
SHA1

83168dd947c574452f3cc46d7598e73da6f10124
SHA256

562fc011dc0839d65f98d8a39d4e8a042966498b9489a8d741d3cfac78b8181d
SHA512

002f0afe183c5772ba387a8907795bc6e77034908b01df632ab2b77931137990ed7b0b2bcf20e2b4bd471636e157f322cf9fe2130ec7713086abdd3b2fe9fa48

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  562fc011dc0839d65f98d8a39d4e8a042966498b9489a8d741d3cfac78b8181d
- Size
  
  207KB
- MD5
  
  4ae0ff18081fba1fbccd2b8acfa6b5c6
- SHA1
  
  83168dd947c574452f3cc46d7598e73da6f10124
- SHA256
  
  562fc011dc0839d65f98d8a39d4e8a042966498b9489a8d741d3cfac78b8181d
- SHA512
  
  002f0afe183c5772ba387a8907795bc6e77034908b01df632ab2b77931137990ed7b0b2bcf20e2b4bd471636e157f322cf9fe2130ec7713086abdd3b2fe9fa48
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2