f4f45e2178316a5cbd21dcdb5d8b1fc9c950e7af2da55d97f857507634b4f110 | Triage

Sharing

General

Target

f4f45e2178316a5cbd21dcdb5d8b1fc9c950e7af2da55d97f857507634b4f110
Size

1.4MB
Sample

221123-xcj9laef22
MD5

c07aa31bded61110dd01c6d4a852aca9
SHA1

76b914ffde89509c0d71c6a4545727a89e0497f5
SHA256

f4f45e2178316a5cbd21dcdb5d8b1fc9c950e7af2da55d97f857507634b4f110
SHA512

e6e70b4a4ab8f66c6065a185c9a1fd5047a58d45e6e8078e83514cb605dc95238cc2319f9a7e9aa6b6763c2da286f9d6f2ef753b8b95086ef1f7fd18cb123f69
SSDEEP

24576:8Rwqx60lDtQKTTLtjGK3X7yZ+t5ROh41mFcOENq5FBtlLYSz8OU:8Rbhv9GKneonKcOEstBvz8H

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  f4f45e2178316a5cbd21dcdb5d8b1fc9c950e7af2da55d97f857507634b4f110
- Size
  
  1.4MB
- MD5
  
  c07aa31bded61110dd01c6d4a852aca9
- SHA1
  
  76b914ffde89509c0d71c6a4545727a89e0497f5
- SHA256
  
  f4f45e2178316a5cbd21dcdb5d8b1fc9c950e7af2da55d97f857507634b4f110
- SHA512
  
  e6e70b4a4ab8f66c6065a185c9a1fd5047a58d45e6e8078e83514cb605dc95238cc2319f9a7e9aa6b6763c2da286f9d6f2ef753b8b95086ef1f7fd18cb123f69
- SSDEEP
  
  24576:8Rwqx60lDtQKTTLtjGK3X7yZ+t5ROh41mFcOENq5FBtlLYSz8OU:8Rbhv9GKneonKcOEstBvz8H
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2