9d955e3698ade0f408ba138f18dee893f121dbcdda97b6ab1838f8b6614aadd6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d955e3698ade0f408ba138f18dee893f121dbcdda97b6ab1838f8b6614aadd6
Size

424KB
Sample

221129-e6qz5aaa7t
MD5

8fcf1c28e8ddec80296e45600d775eb5
SHA1

7da8dc1e53805307fccdd6ea69ea0ed35664f0ec
SHA256

9d955e3698ade0f408ba138f18dee893f121dbcdda97b6ab1838f8b6614aadd6
SHA512

9aaa109f8dffbcf8bc4eb19c3b29b9ee7d4666908380ad5e0a18aaf7fcd32885b03b022ac4581b3df3ca0e0c3bc26f3687f9813f672cbece9d0afeacbe43d6be
SSDEEP

12288:+h4zpBWx3Jeq+ky0dtbB4jXjqY69RZZqPCwa4/k:JWx3Jeq+kBd0XW9RmPb/

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  9d955e3698ade0f408ba138f18dee893f121dbcdda97b6ab1838f8b6614aadd6
- Size
  
  424KB
- MD5
  
  8fcf1c28e8ddec80296e45600d775eb5
- SHA1
  
  7da8dc1e53805307fccdd6ea69ea0ed35664f0ec
- SHA256
  
  9d955e3698ade0f408ba138f18dee893f121dbcdda97b6ab1838f8b6614aadd6
- SHA512
  
  9aaa109f8dffbcf8bc4eb19c3b29b9ee7d4666908380ad5e0a18aaf7fcd32885b03b022ac4581b3df3ca0e0c3bc26f3687f9813f672cbece9d0afeacbe43d6be
- SSDEEP
  
  12288:+h4zpBWx3Jeq+ky0dtbB4jXjqY69RZZqPCwa4/k:JWx3Jeq+kBd0XW9RmPb/
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence