560ece3196de4196d48e7debd0ef9f11f3635f40ab9eb90ca3ed3263937d762a | Triage

Sharing

General

Target

560ece3196de4196d48e7debd0ef9f11f3635f40ab9eb90ca3ed3263937d762a
Size

309KB
Sample

220725-gqg4dshgfp
MD5

8209616edabc2f895d3e394a678adbac
SHA1

08db48caa07b2565bdbb419fd649f2de12c8ffbf
SHA256

560ece3196de4196d48e7debd0ef9f11f3635f40ab9eb90ca3ed3263937d762a
SHA512

e8719ee7b426f932f601dbe340e52c2cafcf37e248591796606224f353d4992ff991d3b9b714bb10e92321f7b8ca8d6dc52de7970969f50761a3733e38913cc7

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  560ece3196de4196d48e7debd0ef9f11f3635f40ab9eb90ca3ed3263937d762a
- Size
  
  309KB
- MD5
  
  8209616edabc2f895d3e394a678adbac
- SHA1
  
  08db48caa07b2565bdbb419fd649f2de12c8ffbf
- SHA256
  
  560ece3196de4196d48e7debd0ef9f11f3635f40ab9eb90ca3ed3263937d762a
- SHA512
  
  e8719ee7b426f932f601dbe340e52c2cafcf37e248591796606224f353d4992ff991d3b9b714bb10e92321f7b8ca8d6dc52de7970969f50761a3733e38913cc7
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2