66ca3736efd4f5dc069ab7c9abf20ea64387d6ca101ed83b92432ccc418dba28 | Triage

Sharing

General

Target

66ca3736efd4f5dc069ab7c9abf20ea64387d6ca101ed83b92432ccc418dba28
Size

2.9MB
Sample

221128-gx786aff7v
MD5

fe635cc84469248402917862ce71c4fe
SHA1

55e7e20e5f9ff5bcda88a712ce218dfb121fce79
SHA256

66ca3736efd4f5dc069ab7c9abf20ea64387d6ca101ed83b92432ccc418dba28
SHA512

42d0374ebf22ab37525f522b25cd96b350f01ca0153a0d948fa969194a90b1ac96d134ba98367bcf73ea55b0d97e1cf9cad3580ecefb0e97236a7e05a536a4fd
SSDEEP

24576:YQ7wfI6yo+ygOV7ZeS0MAyWRRmTo+0PF3aVPj:GIRqVQrNtRYs+0PlaR

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  66ca3736efd4f5dc069ab7c9abf20ea64387d6ca101ed83b92432ccc418dba28
- Size
  
  2.9MB
- MD5
  
  fe635cc84469248402917862ce71c4fe
- SHA1
  
  55e7e20e5f9ff5bcda88a712ce218dfb121fce79
- SHA256
  
  66ca3736efd4f5dc069ab7c9abf20ea64387d6ca101ed83b92432ccc418dba28
- SHA512
  
  42d0374ebf22ab37525f522b25cd96b350f01ca0153a0d948fa969194a90b1ac96d134ba98367bcf73ea55b0d97e1cf9cad3580ecefb0e97236a7e05a536a4fd
- SSDEEP
  
  24576:YQ7wfI6yo+ygOV7ZeS0MAyWRRmTo+0PF3aVPj:GIRqVQrNtRYs+0PlaR
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2