f9c72c665367ae56cf8e9bf77eeb725b62a6796e2a02edb133987bb51972694b | Triage

Sharing

General

Target

f9c72c665367ae56cf8e9bf77eeb725b62a6796e2a02edb133987bb51972694b
Size

605KB
Sample

221124-t6jndaff83
MD5

fa18673f9b8366c262dbf47cf0dfceb1
SHA1

2b311c187850d46e5c1be72e3b62135db50b3bc3
SHA256

f9c72c665367ae56cf8e9bf77eeb725b62a6796e2a02edb133987bb51972694b
SHA512

eaa29eaf90764b543d1c155a7870d9104723d39c5d1bbded7309b7bffa955e4b7c68fa2c0bd188b472786dc63fdf91114e696d6c4373030e2ea6df781a960ab4
SSDEEP

12288:ODFbpji+06AZfioD+ekdRTCzoDlxp7J1qvYhuYt1AR4Ep555555555555555555D:O9REfiomdRW+3FJkYB1455555555555B

Score

9^/10

discovery evasion

Malware Config

Targets

- Target
  
  f9c72c665367ae56cf8e9bf77eeb725b62a6796e2a02edb133987bb51972694b
- Size
  
  605KB
- MD5
  
  fa18673f9b8366c262dbf47cf0dfceb1
- SHA1
  
  2b311c187850d46e5c1be72e3b62135db50b3bc3
- SHA256
  
  f9c72c665367ae56cf8e9bf77eeb725b62a6796e2a02edb133987bb51972694b
- SHA512
  
  eaa29eaf90764b543d1c155a7870d9104723d39c5d1bbded7309b7bffa955e4b7c68fa2c0bd188b472786dc63fdf91114e696d6c4373030e2ea6df781a960ab4
- SSDEEP
  
  12288:ODFbpji+06AZfioD+ekdRTCzoDlxp7J1qvYhuYt1AR4Ep555555555555555555D:O9REfiomdRW+3FJkYB1455555555555B
Score

9^/10

discovery evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Software Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2