56178135216765ad4387aa517a07ef367718db2feea5f0acb87fb58f5b1d68bd | Triage

Sharing

General

Target

56178135216765ad4387aa517a07ef367718db2feea5f0acb87fb58f5b1d68bd
Size

303KB
Sample

220725-gkyh7ahefm
MD5

8d266e6c98eef7ea995bcb85a535183b
SHA1

43c24c7c2d3880bc09a86a723748048baa796520
SHA256

56178135216765ad4387aa517a07ef367718db2feea5f0acb87fb58f5b1d68bd
SHA512

f2412ca0a2fd90c5e6def4fb2271073103fe4f2cd3498c019f33482307986b5dbd03e42866cee407e6df80886516b65821609d1e709b44747394e80e4d85995a

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  56178135216765ad4387aa517a07ef367718db2feea5f0acb87fb58f5b1d68bd
- Size
  
  303KB
- MD5
  
  8d266e6c98eef7ea995bcb85a535183b
- SHA1
  
  43c24c7c2d3880bc09a86a723748048baa796520
- SHA256
  
  56178135216765ad4387aa517a07ef367718db2feea5f0acb87fb58f5b1d68bd
- SHA512
  
  f2412ca0a2fd90c5e6def4fb2271073103fe4f2cd3498c019f33482307986b5dbd03e42866cee407e6df80886516b65821609d1e709b44747394e80e4d85995a
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2