General
-
Target
6c0c2148c336ecb14a81951e003c4f2df25482522fe3d7dd68f537745a935ae5
-
Size
932KB
-
Sample
221126-kcg31shg3t
-
MD5
a27bb08616c4ea01151f0f5ad5516c5d
-
SHA1
90d692c62fc1d84850a5bee9c993d1362fbde778
-
SHA256
6c0c2148c336ecb14a81951e003c4f2df25482522fe3d7dd68f537745a935ae5
-
SHA512
a596c58398723e2b0200c4ff689cddf2cd68d3d81ca0d486d3adafc06511aba16d7ef05003f5b01648aff4b948f39f9d13bcc04eb43209751ab0f1e7ef25eff3
-
SSDEEP
12288:THTVWyP9l32BCKeR7b3BKmU5JFJKhiwZ7gC9OIiIX3:Nvl34y7bRTU5JFoZ7gCbi0
Malware Config
Targets
-
-
Target
6c0c2148c336ecb14a81951e003c4f2df25482522fe3d7dd68f537745a935ae5
-
Size
932KB
-
MD5
a27bb08616c4ea01151f0f5ad5516c5d
-
SHA1
90d692c62fc1d84850a5bee9c993d1362fbde778
-
SHA256
6c0c2148c336ecb14a81951e003c4f2df25482522fe3d7dd68f537745a935ae5
-
SHA512
a596c58398723e2b0200c4ff689cddf2cd68d3d81ca0d486d3adafc06511aba16d7ef05003f5b01648aff4b948f39f9d13bcc04eb43209751ab0f1e7ef25eff3
-
SSDEEP
12288:THTVWyP9l32BCKeR7b3BKmU5JFJKhiwZ7gC9OIiIX3:Nvl34y7bRTU5JFoZ7gCbi0
Score9/10-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Enumerates VirtualBox registry keys
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-