3ed9b32f503de26cdcff6eff07e0b79dfe8d659c97531e9145bf54fbdbb02aa9 | Triage

Sharing

General

Target

3ed9b32f503de26cdcff6eff07e0b79dfe8d659c97531e9145bf54fbdbb02aa9
Size

112KB
Sample

221123-rv1reace8x
MD5

2ddbfd9e906a03e58a8319b0cebcd520
SHA1

c277c344031bc7da67b552fccd15eca5eeab44c2
SHA256

3ed9b32f503de26cdcff6eff07e0b79dfe8d659c97531e9145bf54fbdbb02aa9
SHA512

1b0e89dfd89041e4335b9a3e30fdd546734a53c9e6ceb4286f71cbdb69cccdb8030887df7452f26e2065a2135ae77a191b981042b74c5e75f5a10a959868955c
SSDEEP

1536:u/lDtQVFbl4L1bJ2pVHbT5LUk6f2z6Du9vdoER7r+nqHA10sMGt8XNfTSEiuSTan:u/lOlM1N2LTVUkc2z6DMljXG5WYByeQ

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  3ed9b32f503de26cdcff6eff07e0b79dfe8d659c97531e9145bf54fbdbb02aa9
- Size
  
  112KB
- MD5
  
  2ddbfd9e906a03e58a8319b0cebcd520
- SHA1
  
  c277c344031bc7da67b552fccd15eca5eeab44c2
- SHA256
  
  3ed9b32f503de26cdcff6eff07e0b79dfe8d659c97531e9145bf54fbdbb02aa9
- SHA512
  
  1b0e89dfd89041e4335b9a3e30fdd546734a53c9e6ceb4286f71cbdb69cccdb8030887df7452f26e2065a2135ae77a191b981042b74c5e75f5a10a959868955c
- SSDEEP
  
  1536:u/lDtQVFbl4L1bJ2pVHbT5LUk6f2z6Du9vdoER7r+nqHA10sMGt8XNfTSEiuSTan:u/lOlM1N2LTVUkc2z6DMljXG5WYByeQ
Score

9^/10

evasion
- Looks for VirtualBox Guest Additions in registry
  evasion
- Looks for VMWare Tools registry key
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2