ac3bbbb2e571966cc8731e265dd7b1e88326d86e91b639920523c1f78a84fe4e | Triage

Sharing

General

Target

ac3bbbb2e571966cc8731e265dd7b1e88326d86e91b639920523c1f78a84fe4e
Size

860KB
Sample

221123-qnv2xaed92
MD5

9e08bedaff1dd6cc05327d641ab1a9d6
SHA1

d6f13bc80c6be6b2266b113a19057fde74816ac4
SHA256

ac3bbbb2e571966cc8731e265dd7b1e88326d86e91b639920523c1f78a84fe4e
SHA512

8a4f73776f9843e880d5c32ce59e55b384c198d86bfa66dd9b81bd4a9395e85517d9be10868ec0cdd16af53dc3c95d7513a8632ffd8093e2623b12a1cecafccf
SSDEEP

12288:Gf4SfwTabTyvSCCCsqq8LsDABOz9J+ScRJSOzay5uulT8LekOZ8QHSwem0:MuRnsbz9oPRJDWnsTIek2Jyjm0

Score

9^/10

discovery evasion

Malware Config

Targets

- Target
  
  ac3bbbb2e571966cc8731e265dd7b1e88326d86e91b639920523c1f78a84fe4e
- Size
  
  860KB
- MD5
  
  9e08bedaff1dd6cc05327d641ab1a9d6
- SHA1
  
  d6f13bc80c6be6b2266b113a19057fde74816ac4
- SHA256
  
  ac3bbbb2e571966cc8731e265dd7b1e88326d86e91b639920523c1f78a84fe4e
- SHA512
  
  8a4f73776f9843e880d5c32ce59e55b384c198d86bfa66dd9b81bd4a9395e85517d9be10868ec0cdd16af53dc3c95d7513a8632ffd8093e2623b12a1cecafccf
- SSDEEP
  
  12288:Gf4SfwTabTyvSCCCsqq8LsDABOz9J+ScRJSOzay5uulT8LekOZ8QHSwem0:MuRnsbz9oPRJDWnsTIek2Jyjm0
Score

9^/10

discovery evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion