General

  • Target

    55158c733090bc56f7cad292cee570b704416282063414bb258a7d78d71bd4f0

  • Size

    210KB

  • Sample

    221123-rl6ajagh86

  • MD5

    c520fcd1769620b61125ae6df2ccaabf

  • SHA1

    eb435d105d0f3ccb889cf8cae993861263eb7643

  • SHA256

    55158c733090bc56f7cad292cee570b704416282063414bb258a7d78d71bd4f0

  • SHA512

    253af4180c7535e96e40ff289e899efec23522718b4a90362cc45cb8a3a737bc999184c3a1c8ba3fd2d125517d148ba5976c04d7461bfa4d1270fb75dd75da31

  • SSDEEP

    3072:kIM0v/eJvCeXoBapseh8hqyU4lamrIJDN:kI7Jo8cyU4ldrIR

Score
8/10

Targets

    • Target

      55158c733090bc56f7cad292cee570b704416282063414bb258a7d78d71bd4f0

    • Executes dropped EXE

    • Deletes itself

    • Identifies Wine through registry keys

      Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext
