57c91947e8e9a4d814278f5d2142bbfe440048d1580eef7503053e48f23d1605 | Triage

Sharing

General

Target

57c91947e8e9a4d814278f5d2142bbfe440048d1580eef7503053e48f23d1605
Size

1.1MB
Sample

221127-tgf6ysdh21
MD5

6389103e8971334d0e1788154cdb86cf
SHA1

026078b70e435f207cc563c1cf20fe40b06d7d8f
SHA256

57c91947e8e9a4d814278f5d2142bbfe440048d1580eef7503053e48f23d1605
SHA512

eb7bed94e687d483515b34f9611d27e0837099ac76045d10e429904de8914f216af3556f0d2e825f81ce6a52453572314340301102b605e696dcd59c0e9d97b8
SSDEEP

12288:OmnwuWGyqJEjVAFR9QCIAAKK2GhouKx2RnglGAEqnjFGRueuFAB6hSFCG+5NNpDi:OQm8QCIN/LKxcIEDRueMEox9pDQKC

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  57c91947e8e9a4d814278f5d2142bbfe440048d1580eef7503053e48f23d1605
- Size
  
  1.1MB
- MD5
  
  6389103e8971334d0e1788154cdb86cf
- SHA1
  
  026078b70e435f207cc563c1cf20fe40b06d7d8f
- SHA256
  
  57c91947e8e9a4d814278f5d2142bbfe440048d1580eef7503053e48f23d1605
- SHA512
  
  eb7bed94e687d483515b34f9611d27e0837099ac76045d10e429904de8914f216af3556f0d2e825f81ce6a52453572314340301102b605e696dcd59c0e9d97b8
- SSDEEP
  
  12288:OmnwuWGyqJEjVAFR9QCIAAKK2GhouKx2RnglGAEqnjFGRueuFAB6hSFCG+5NNpDi:OQm8QCIN/LKxcIEDRueMEox9pDQKC
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2