661ec25401ad96d9131ba03cfadd2aea2d3e8aa57709f649adea1a669d30c3d6 | Triage

Sharing

General

Target

661ec25401ad96d9131ba03cfadd2aea2d3e8aa57709f649adea1a669d30c3d6
Size

1.5MB
Sample

221123-vh137ahb37
MD5

e8364c1014b59486a82e2b5a019078a4
SHA1

9df19314c7b3b18356416d8d05432227c72ca49b
SHA256

661ec25401ad96d9131ba03cfadd2aea2d3e8aa57709f649adea1a669d30c3d6
SHA512

dc11b70968c3973ec041f31d67a92031ce107596f240ef7f0a7af64a033384fbf4b828160faaf392228b063cf0e775c5fc9c8ada661a5845fd94b14549d3359a
SSDEEP

24576:3C+O8bZy+DfZC880oqvN8gO2+afrgHS3UzRc8fNLOKi:3/RZC88AfrMS3eJOKi

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  661ec25401ad96d9131ba03cfadd2aea2d3e8aa57709f649adea1a669d30c3d6
- Size
  
  1.5MB
- MD5
  
  e8364c1014b59486a82e2b5a019078a4
- SHA1
  
  9df19314c7b3b18356416d8d05432227c72ca49b
- SHA256
  
  661ec25401ad96d9131ba03cfadd2aea2d3e8aa57709f649adea1a669d30c3d6
- SHA512
  
  dc11b70968c3973ec041f31d67a92031ce107596f240ef7f0a7af64a033384fbf4b828160faaf392228b063cf0e775c5fc9c8ada661a5845fd94b14549d3359a
- SSDEEP
  
  24576:3C+O8bZy+DfZC880oqvN8gO2+afrgHS3UzRc8fNLOKi:3/RZC88AfrMS3eJOKi
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2