55f85a1bdfd990def09389f6f1d633de1e39af2bb9f390768173d2efad5d3e08 | Triage

Sharing

General

Target

55f85a1bdfd990def09389f6f1d633de1e39af2bb9f390768173d2efad5d3e08
Size

384KB
Sample

220725-g1xxlaadaj
MD5

6ec513e5cb9c468a7c0186712e52862c
SHA1

e86957d0433f427afdd39f8c8cab222c2e6a36ad
SHA256

55f85a1bdfd990def09389f6f1d633de1e39af2bb9f390768173d2efad5d3e08
SHA512

8dece6275f4b9558310649a575e2e50a9c4e27b46b54713319b91647714ca3e36d973f1f10c57a1af4471753f574b740a5b1d7903006684a20159901f0dde836

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  55f85a1bdfd990def09389f6f1d633de1e39af2bb9f390768173d2efad5d3e08
- Size
  
  384KB
- MD5
  
  6ec513e5cb9c468a7c0186712e52862c
- SHA1
  
  e86957d0433f427afdd39f8c8cab222c2e6a36ad
- SHA256
  
  55f85a1bdfd990def09389f6f1d633de1e39af2bb9f390768173d2efad5d3e08
- SHA512
  
  8dece6275f4b9558310649a575e2e50a9c4e27b46b54713319b91647714ca3e36d973f1f10c57a1af4471753f574b740a5b1d7903006684a20159901f0dde836
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2