17b855869b85281216bd71be7b4f2acc3cd23d275073e1eaeb88c75f4bcb14a2 | Triage

Sharing

General

Target

17b855869b85281216bd71be7b4f2acc3cd23d275073e1eaeb88c75f4bcb14a2
Size

842KB
Sample

221003-by1yksagb3
MD5

66fb925ea1457a2bc0655740e35d8ddd
SHA1

637946ad7f80f7f9a93dd1e7f9581cf852256e88
SHA256

17b855869b85281216bd71be7b4f2acc3cd23d275073e1eaeb88c75f4bcb14a2
SHA512

5f957a884a7d05f7cef2f740e99dbb321b8357fadb13fc81782ea3edc2ce2303bfeb7b2eb30f272cd1bc70aa0eca9e39733ec0a4c3a197708359ace9da0d439e
SSDEEP

24576:ReGVWd+9T+stPBwJxgSKUyOiusAtMKV8f3:Re1U9TxP6vyOiusqMKVm

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  17b855869b85281216bd71be7b4f2acc3cd23d275073e1eaeb88c75f4bcb14a2
- Size
  
  842KB
- MD5
  
  66fb925ea1457a2bc0655740e35d8ddd
- SHA1
  
  637946ad7f80f7f9a93dd1e7f9581cf852256e88
- SHA256
  
  17b855869b85281216bd71be7b4f2acc3cd23d275073e1eaeb88c75f4bcb14a2
- SHA512
  
  5f957a884a7d05f7cef2f740e99dbb321b8357fadb13fc81782ea3edc2ce2303bfeb7b2eb30f272cd1bc70aa0eca9e39733ec0a4c3a197708359ace9da0d439e
- SSDEEP
  
  24576:ReGVWd+9T+stPBwJxgSKUyOiusAtMKV8f3:Re1U9TxP6vyOiusqMKVm
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence