68b8ce32b2fd605ebc8b924cf3a6ebf7a35f7e90ad12b19145ea4ac225c4787a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68b8ce32b2fd605ebc8b924cf3a6ebf7a35f7e90ad12b19145ea4ac225c4787a
Size

928KB
Sample

221127-n6rq4aae21
MD5

a7f3a1d52cc2de6019139933a5c73f5a
SHA1

e282ad147afa6af460615e2fc666614232bbcd59
SHA256

68b8ce32b2fd605ebc8b924cf3a6ebf7a35f7e90ad12b19145ea4ac225c4787a
SHA512

950017d766594fe469e61609acf8e3ff5f8a112122a75cace7133f739f49903a1c6488f7ff287d3bfa34af28210a50767f1c9838868a733bddaad52b83c10374
SSDEEP

12288:ozGVd4SVkPXaPtEqDYzVfeL81riSpeVGWPKhSEXbYGh9DQbPGfgn:yCCbOttkzVC4XpeVGWPKpEGv0bOIn

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  68b8ce32b2fd605ebc8b924cf3a6ebf7a35f7e90ad12b19145ea4ac225c4787a
- Size
  
  928KB
- MD5
  
  a7f3a1d52cc2de6019139933a5c73f5a
- SHA1
  
  e282ad147afa6af460615e2fc666614232bbcd59
- SHA256
  
  68b8ce32b2fd605ebc8b924cf3a6ebf7a35f7e90ad12b19145ea4ac225c4787a
- SHA512
  
  950017d766594fe469e61609acf8e3ff5f8a112122a75cace7133f739f49903a1c6488f7ff287d3bfa34af28210a50767f1c9838868a733bddaad52b83c10374
- SSDEEP
  
  12288:ozGVd4SVkPXaPtEqDYzVfeL81riSpeVGWPKhSEXbYGh9DQbPGfgn:yCCbOttkzVC4XpeVGWPKpEGv0bOIn
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2