General
-
Target
af7bf12535c2d7dcd1a197c0142750424e5a41a8e1e24f17df989c6785170ba8
-
Size
675KB
-
Sample
221125-h3gh3adh2y
-
MD5
fa8fb0f4cc4034cf4990c9acdc86b59e
-
SHA1
56f68e1ef0e36d4c3ee00ce690030431bf3e69f1
-
SHA256
af7bf12535c2d7dcd1a197c0142750424e5a41a8e1e24f17df989c6785170ba8
-
SHA512
19e9929952273fbbd6d2c17d6e768872448dae5a64391bdbbca49132ecbd55af9f9b92612706725ac6a34a5eeb5d4e753887ea62db419fbcbb0bf3f0361640a1
-
SSDEEP
12288:JCEzBOzcbPoVTZp7EWgh0uDbv/o0lQVfG+IPe4gctUkJiV8Bbm:JCzOWTZpb20uD7DYfn415iK
Malware Config
Targets
-
-
Target
af7bf12535c2d7dcd1a197c0142750424e5a41a8e1e24f17df989c6785170ba8
-
Size
675KB
-
MD5
fa8fb0f4cc4034cf4990c9acdc86b59e
-
SHA1
56f68e1ef0e36d4c3ee00ce690030431bf3e69f1
-
SHA256
af7bf12535c2d7dcd1a197c0142750424e5a41a8e1e24f17df989c6785170ba8
-
SHA512
19e9929952273fbbd6d2c17d6e768872448dae5a64391bdbbca49132ecbd55af9f9b92612706725ac6a34a5eeb5d4e753887ea62db419fbcbb0bf3f0361640a1
-
SSDEEP
12288:JCEzBOzcbPoVTZp7EWgh0uDbv/o0lQVfG+IPe4gctUkJiV8Bbm:JCzOWTZpb20uD7DYfn415iK
Score9/10-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Enumerates VirtualBox registry keys
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-