560032353b341db593caeb017287341e00ace21e53b74eb99b0c122469348df5 | Triage

Sharing

General

Target

560032353b341db593caeb017287341e00ace21e53b74eb99b0c122469348df5
Size

222KB
Sample

220725-gxg2zaabdj
MD5

4e3d8f9afe9d8b788cc59e0654479c08
SHA1

9f20901ef18f07d79ddbc977887e4bdb4a0db3e5
SHA256

560032353b341db593caeb017287341e00ace21e53b74eb99b0c122469348df5
SHA512

76da1dfe637a6081524a1b415a0bf75496b48dd9c248027ec5cd835ae622585a68ea98776aed3d47f012dcd1d104b081e59196c97df3edfac1f39e274c4d3b98

Score

10^/10

discovery suricata

Malware Config

Targets

- Target
  
  560032353b341db593caeb017287341e00ace21e53b74eb99b0c122469348df5
- Size
  
  222KB
- MD5
  
  4e3d8f9afe9d8b788cc59e0654479c08
- SHA1
  
  9f20901ef18f07d79ddbc977887e4bdb4a0db3e5
- SHA256
  
  560032353b341db593caeb017287341e00ace21e53b74eb99b0c122469348df5
- SHA512
  
  76da1dfe637a6081524a1b415a0bf75496b48dd9c248027ec5cd835ae622585a68ea98776aed3d47f012dcd1d104b081e59196c97df3edfac1f39e274c4d3b98
Score

10^/10

discovery suricata
- suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata: ET MALWARE ETag HTTP Header Observed at JPCERT Sinkhole
  suricata
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoverysuricata

behavioral2