General
-
Target
e9878d94bc21063c39a80a5ce90e769de5ec92dd2cc888d8775b1662396dbd1a
-
Size
653KB
-
Sample
221127-tqcvwsee51
-
MD5
f286cbf1ac8911808008bf3419a0f307
-
SHA1
5dbf23bf89bebd846f7ce1df2abfa3098717804a
-
SHA256
e9878d94bc21063c39a80a5ce90e769de5ec92dd2cc888d8775b1662396dbd1a
-
SHA512
4fcf7d3b9974df504db5e701655c5384db2b3f2182cb0664a2f32f726522e71b3db0234ecd47e0f051e308131eb62ee72bd2fdef10f4601a0086c0465a9e16dc
-
SSDEEP
12288:HhBk5VkHzSa8+EVTS7WPFmIeh7itt+ErJycQEn5bV:HhjTSsEEqPRHTrJycvnlV
Malware Config
Targets
-
-
Target
e9878d94bc21063c39a80a5ce90e769de5ec92dd2cc888d8775b1662396dbd1a
-
Size
653KB
-
MD5
f286cbf1ac8911808008bf3419a0f307
-
SHA1
5dbf23bf89bebd846f7ce1df2abfa3098717804a
-
SHA256
e9878d94bc21063c39a80a5ce90e769de5ec92dd2cc888d8775b1662396dbd1a
-
SHA512
4fcf7d3b9974df504db5e701655c5384db2b3f2182cb0664a2f32f726522e71b3db0234ecd47e0f051e308131eb62ee72bd2fdef10f4601a0086c0465a9e16dc
-
SSDEEP
12288:HhBk5VkHzSa8+EVTS7WPFmIeh7itt+ErJycQEn5bV:HhjTSsEEqPRHTrJycvnlV
Score9/10-
Checks for common network interception software
Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
-
Enumerates VirtualBox registry keys
-
Adds Run key to start application
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-