86b4236c66e35b750b0707b53ad64c616e84f7602c20469db4739bd6efa6afb5 | Triage

Sharing

General

Target

86b4236c66e35b750b0707b53ad64c616e84f7602c20469db4739bd6efa6afb5
Size

873KB
Sample

221002-p7rm6ahdbl
MD5

65a2dc075798236d8c27640679c6b1d0
SHA1

fde971ce37024abfb3961f346740b375614f5236
SHA256

86b4236c66e35b750b0707b53ad64c616e84f7602c20469db4739bd6efa6afb5
SHA512

315124eeb5897483bf06f6dacce3ecbcf6fb9034dc1067039efe39c947ec1094387b09403ededdcbf97e0efbfb662d502530e2462f6fbf61fe064a558b4ce1e9
SSDEEP

24576:INxfvuzgGZaNtUtdKa3AyK7onZ4kDW79YHkGmc4pIQ:IzfvuVZaYdKC1K7mZ4kyaHkG2pIQ

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  86b4236c66e35b750b0707b53ad64c616e84f7602c20469db4739bd6efa6afb5
- Size
  
  873KB
- MD5
  
  65a2dc075798236d8c27640679c6b1d0
- SHA1
  
  fde971ce37024abfb3961f346740b375614f5236
- SHA256
  
  86b4236c66e35b750b0707b53ad64c616e84f7602c20469db4739bd6efa6afb5
- SHA512
  
  315124eeb5897483bf06f6dacce3ecbcf6fb9034dc1067039efe39c947ec1094387b09403ededdcbf97e0efbfb662d502530e2462f6fbf61fe064a558b4ce1e9
- SSDEEP
  
  24576:INxfvuzgGZaNtUtdKa3AyK7onZ4kDW79YHkGmc4pIQ:IzfvuVZaYdKC1K7mZ4kyaHkG2pIQ
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence