b8b5709281bfead9807f51633d06d9f42777fece5f44824b4a70a15641832513 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8b5709281bfead9807f51633d06d9f42777fece5f44824b4a70a15641832513
Size

295KB
Sample

221106-jgvz1acffr
MD5

1c1c3cc59dad81b8230667867acf1c50
SHA1

cb41ca6b2cbe9f4510a83fb0476ee3501b23de5e
SHA256

b8b5709281bfead9807f51633d06d9f42777fece5f44824b4a70a15641832513
SHA512

6c85a7a1403523b606761006b939b6cc40ab71890c1ad81d3af3f137b444f3f8eb07bf7293b017dcdaed80ea9d84bf0567b4740a8f336dce596dad341d3350cb
SSDEEP

6144:Zb3TBxF3Uwso0yzgj5oWFlwF74wDhywywBEpC4mEjebQp:Zb3TBxFUjxFlODIwBiN

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  b8b5709281bfead9807f51633d06d9f42777fece5f44824b4a70a15641832513
- Size
  
  295KB
- MD5
  
  1c1c3cc59dad81b8230667867acf1c50
- SHA1
  
  cb41ca6b2cbe9f4510a83fb0476ee3501b23de5e
- SHA256
  
  b8b5709281bfead9807f51633d06d9f42777fece5f44824b4a70a15641832513
- SHA512
  
  6c85a7a1403523b606761006b939b6cc40ab71890c1ad81d3af3f137b444f3f8eb07bf7293b017dcdaed80ea9d84bf0567b4740a8f336dce596dad341d3350cb
- SSDEEP
  
  6144:Zb3TBxF3Uwso0yzgj5oWFlwF74wDhywywBEpC4mEjebQp:Zb3TBxFUjxFlODIwBiN
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2