a8e96f273b0d832669d367d43ccd4b55c34a459a6ff65dcac417e5be40b5c7ac | Triage

Sharing

General

Target

a8e96f273b0d832669d367d43ccd4b55c34a459a6ff65dcac417e5be40b5c7ac
Size

746KB
Sample

221126-2z5w2afa9w
MD5

195016e5c753eba8fdc25fc8064458a3
SHA1

e1d72f246bfa7a2e4297879b359ace36a07d8a6a
SHA256

a8e96f273b0d832669d367d43ccd4b55c34a459a6ff65dcac417e5be40b5c7ac
SHA512

54c4b51bfcd7265413bafd556a2a2bf8cdf96aea07d66ad1e633f2534ce941420a3b3d7e8022615402c984e92689ffaa1e1b72478c6dd5b8d162f52a8ccea268
SSDEEP

12288:XDjJGcVlJ1XlNCwc1cHFUi18Wihq/KTXOViIHRLAA3uj7S0gzWIN2b2fEmbuLRjW:X5x2wMYUu/5iIxtmzYW6cmCW

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  a8e96f273b0d832669d367d43ccd4b55c34a459a6ff65dcac417e5be40b5c7ac
- Size
  
  746KB
- MD5
  
  195016e5c753eba8fdc25fc8064458a3
- SHA1
  
  e1d72f246bfa7a2e4297879b359ace36a07d8a6a
- SHA256
  
  a8e96f273b0d832669d367d43ccd4b55c34a459a6ff65dcac417e5be40b5c7ac
- SHA512
  
  54c4b51bfcd7265413bafd556a2a2bf8cdf96aea07d66ad1e633f2534ce941420a3b3d7e8022615402c984e92689ffaa1e1b72478c6dd5b8d162f52a8ccea268
- SSDEEP
  
  12288:XDjJGcVlJ1XlNCwc1cHFUi18Wihq/KTXOViIHRLAA3uj7S0gzWIN2b2fEmbuLRjW:X5x2wMYUu/5iIxtmzYW6cmCW
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2