40dd8eaafcf65137d7f66f7153335a9a01df868c6891b5d8ab5a4f23ec759cc8 | Triage

Sharing

General

Target

40dd8eaafcf65137d7f66f7153335a9a01df868c6891b5d8ab5a4f23ec759cc8
Size

687KB
Sample

221030-njp9raghb8
MD5

544e33c71e69c5610572c31970819400
SHA1

c85501e6ae7f4f13c69cbe06d180fce1f40cc886
SHA256

40dd8eaafcf65137d7f66f7153335a9a01df868c6891b5d8ab5a4f23ec759cc8
SHA512

54737631f9d11e3bef1ca83abdd559aad11f99121553adca73be9dc0470c5e4e48663083000bf79866a2a8439ca9acf0c821657590e1f4eaf67ac674723b0ef2
SSDEEP

12288:0DIxsNvzUtyOM0JcdsfAsRT9ZSXGAmRR5DUrqfrTrpinH788bsxOPo9ho:EIxsNL4W4XoQimBD2qH+HiYOho

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  40dd8eaafcf65137d7f66f7153335a9a01df868c6891b5d8ab5a4f23ec759cc8
- Size
  
  687KB
- MD5
  
  544e33c71e69c5610572c31970819400
- SHA1
  
  c85501e6ae7f4f13c69cbe06d180fce1f40cc886
- SHA256
  
  40dd8eaafcf65137d7f66f7153335a9a01df868c6891b5d8ab5a4f23ec759cc8
- SHA512
  
  54737631f9d11e3bef1ca83abdd559aad11f99121553adca73be9dc0470c5e4e48663083000bf79866a2a8439ca9acf0c821657590e1f4eaf67ac674723b0ef2
- SSDEEP
  
  12288:0DIxsNvzUtyOM0JcdsfAsRT9ZSXGAmRR5DUrqfrTrpinH788bsxOPo9ho:EIxsNL4W4XoQimBD2qH+HiYOho
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2