ad9204ffb0c9304e4751ce5da54963e6e907a80f95cc3d28ea1bdb05889fe45e | Triage

Sharing

General

Target

ad9204ffb0c9304e4751ce5da54963e6e907a80f95cc3d28ea1bdb05889fe45e
Size

615KB
Sample

221123-qnbchaed63
MD5

a57b57ee82abe41abd34c15d3dab6025
SHA1

47d5d770bb50e4bd85d7303bc99a2126b1d4b207
SHA256

ad9204ffb0c9304e4751ce5da54963e6e907a80f95cc3d28ea1bdb05889fe45e
SHA512

028de5a4cd0587d02ce389109b3bcc02bd35d5e0d42fdcd686dc5b7fe732cd15c92d39e1c61a3cfb3d174d117dfb156b38370f1137990f8126bc6a54d2a176ee
SSDEEP

12288:RgEovyJR0lsbVtzD0Hg1PIn7z7KNcx5rPPucjdwRZXNnZybEk00:yELJGubzD0HjKWx5z2cjSnZ/0

Score

9^/10

discovery evasion

Malware Config

Targets

- Target
  
  ad9204ffb0c9304e4751ce5da54963e6e907a80f95cc3d28ea1bdb05889fe45e
- Size
  
  615KB
- MD5
  
  a57b57ee82abe41abd34c15d3dab6025
- SHA1
  
  47d5d770bb50e4bd85d7303bc99a2126b1d4b207
- SHA256
  
  ad9204ffb0c9304e4751ce5da54963e6e907a80f95cc3d28ea1bdb05889fe45e
- SHA512
  
  028de5a4cd0587d02ce389109b3bcc02bd35d5e0d42fdcd686dc5b7fe732cd15c92d39e1c61a3cfb3d174d117dfb156b38370f1137990f8126bc6a54d2a176ee
- SSDEEP
  
  12288:RgEovyJR0lsbVtzD0Hg1PIn7z7KNcx5rPPucjdwRZXNnZybEk00:yELJGubzD0HjKWx5z2cjSnZ/0
Score

9^/10

discovery evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Software Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2