542f2562447ef21953406fda9051825821ba324f5e828e662343fa9ead90eb50 | Triage

Sharing

General

Target

542f2562447ef21953406fda9051825821ba324f5e828e662343fa9ead90eb50
Size

685KB
Sample

221019-2ttxksbhhk
MD5

908431390ab465a48fdd9431bf537d10
SHA1

2f443aef8a46d6720f5351f0a9380b2380ffe3e8
SHA256

542f2562447ef21953406fda9051825821ba324f5e828e662343fa9ead90eb50
SHA512

cca96080e1dd9d860592c810eb1db29262414540a60464d5a23feee028cc6a9abe217b0666373719018aa587871b8ada522f4a542326dce5070822dd2fd66c40
SSDEEP

12288:PU3zlmwU+V/Wdq/uIAnm+xhEl+7Acx1cY3s5zMSmRtce6:PIgwUZ4/uXm+clsI5zM9ye6

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  542f2562447ef21953406fda9051825821ba324f5e828e662343fa9ead90eb50
- Size
  
  685KB
- MD5
  
  908431390ab465a48fdd9431bf537d10
- SHA1
  
  2f443aef8a46d6720f5351f0a9380b2380ffe3e8
- SHA256
  
  542f2562447ef21953406fda9051825821ba324f5e828e662343fa9ead90eb50
- SHA512
  
  cca96080e1dd9d860592c810eb1db29262414540a60464d5a23feee028cc6a9abe217b0666373719018aa587871b8ada522f4a542326dce5070822dd2fd66c40
- SSDEEP
  
  12288:PU3zlmwU+V/Wdq/uIAnm+xhEl+7Acx1cY3s5zMSmRtce6:PIgwUZ4/uXm+clsI5zM9ye6
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence