668e8a1a73f319fc5136a463cfdacd7b3ae9c6448108aa70ecbaf93b80763567 | Triage

Sharing

General

Target

668e8a1a73f319fc5136a463cfdacd7b3ae9c6448108aa70ecbaf93b80763567
Size

672KB
Sample

221123-rew4aagd79
MD5

bf29c6ecd409fd44101725501af476ce
SHA1

aee53bebb6a0c47b54ac89882f94e6466e48850d
SHA256

668e8a1a73f319fc5136a463cfdacd7b3ae9c6448108aa70ecbaf93b80763567
SHA512

5b94b25724ea8b3e6f915575d9eb6b600eda187355469400b684997deceec6b49c7af4c5ee1e6eb050f6dcfd00ed28ad41de9dfa0cfafa7d1a61b8749a7946e0
SSDEEP

12288:YX7Wt+2P0iU2sdOVMRpl+QmzJ8SuFluK+YDIAnems:6WtbTU2LWWtvuH7D/

Score

9^/10

discovery evasion

Malware Config

Targets

- Target
  
  668e8a1a73f319fc5136a463cfdacd7b3ae9c6448108aa70ecbaf93b80763567
- Size
  
  672KB
- MD5
  
  bf29c6ecd409fd44101725501af476ce
- SHA1
  
  aee53bebb6a0c47b54ac89882f94e6466e48850d
- SHA256
  
  668e8a1a73f319fc5136a463cfdacd7b3ae9c6448108aa70ecbaf93b80763567
- SHA512
  
  5b94b25724ea8b3e6f915575d9eb6b600eda187355469400b684997deceec6b49c7af4c5ee1e6eb050f6dcfd00ed28ad41de9dfa0cfafa7d1a61b8749a7946e0
- SSDEEP
  
  12288:YX7Wt+2P0iU2sdOVMRpl+QmzJ8SuFluK+YDIAnems:6WtbTU2LWWtvuH7D/
Score

9^/10

discovery evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion