0789758cd25f2ab1b14ebbcb9a87b219d11da21a5311592979770c8dfdb5a596 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0789758cd25f2ab1b14ebbcb9a87b219d11da21a5311592979770c8dfdb5a596
Size

144KB
Sample

221020-swkl9abcdq
MD5

a002970b4281e79009ebfe8705b3cbc3
SHA1

2cb1f207f2c990aae1e954077ed4ff26b7ebe0bd
SHA256

0789758cd25f2ab1b14ebbcb9a87b219d11da21a5311592979770c8dfdb5a596
SHA512

8b7c5440e7ee2e30e06a63073a7d8033f2c35191befc2d87dc1f2b387ae1974a110855a8e77e01e9262b3848af7fb1de74cfa5aaa334462ba08d94e31364df06
SSDEEP

3072:I7aJgrSuZUczmnAkfafUMXrqorOdQaESi2FCu74zvQuqoCL:IAgrZUImAcarXxrOGpSi2Fz74Q

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  0789758cd25f2ab1b14ebbcb9a87b219d11da21a5311592979770c8dfdb5a596
- Size
  
  144KB
- MD5
  
  a002970b4281e79009ebfe8705b3cbc3
- SHA1
  
  2cb1f207f2c990aae1e954077ed4ff26b7ebe0bd
- SHA256
  
  0789758cd25f2ab1b14ebbcb9a87b219d11da21a5311592979770c8dfdb5a596
- SHA512
  
  8b7c5440e7ee2e30e06a63073a7d8033f2c35191befc2d87dc1f2b387ae1974a110855a8e77e01e9262b3848af7fb1de74cfa5aaa334462ba08d94e31364df06
- SSDEEP
  
  3072:I7aJgrSuZUczmnAkfafUMXrqorOdQaESi2FCu74zvQuqoCL:IAgrZUImAcarXxrOGpSi2Fz74Q
Score

8^/10

evasion
- Executes dropped EXE
- Looks for VMWare Tools registry key
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2