ad6572d4a5579a15e68f943081622af460606266c5848a65f0685762f1fb7a3d | Triage

Sharing

General

Target

ad6572d4a5579a15e68f943081622af460606266c5848a65f0685762f1fb7a3d
Size

663KB
Sample

221123-qncwbsed65
MD5

94b015cc89e96292fe6b00ee1035fab7
SHA1

e8c5dc97afe678044fdbf362a28b339937f5666b
SHA256

ad6572d4a5579a15e68f943081622af460606266c5848a65f0685762f1fb7a3d
SHA512

16ee9263f30d7d2fe8c9b404b67bbf7883dd459812433dab3bcf7e55a99bec51337dbe7c5d73098ad760747e7164aac64f2e51000484c92def18f9f6b7e89369
SSDEEP

12288:zxi6A2vzbtiPD3ZCgtcikhhI6IzoZPJD+hdtH6yfy37w+Zav:zxi6AWvti73cgtcNo8S07w+Zav

Score

9^/10

discovery evasion

Malware Config

Targets

- Target
  
  ad6572d4a5579a15e68f943081622af460606266c5848a65f0685762f1fb7a3d
- Size
  
  663KB
- MD5
  
  94b015cc89e96292fe6b00ee1035fab7
- SHA1
  
  e8c5dc97afe678044fdbf362a28b339937f5666b
- SHA256
  
  ad6572d4a5579a15e68f943081622af460606266c5848a65f0685762f1fb7a3d
- SHA512
  
  16ee9263f30d7d2fe8c9b404b67bbf7883dd459812433dab3bcf7e55a99bec51337dbe7c5d73098ad760747e7164aac64f2e51000484c92def18f9f6b7e89369
- SSDEEP
  
  12288:zxi6A2vzbtiPD3ZCgtcikhhI6IzoZPJD+hdtH6yfy37w+Zav:zxi6AWvti73cgtcNo8S07w+Zav
Score

9^/10

discovery evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion