33ab184662978f5b319ce8a80fd7f8e329a215224922e49fb257c55dbb452673 | Triage

Sharing

General

Target

33ab184662978f5b319ce8a80fd7f8e329a215224922e49fb257c55dbb452673
Size

708KB
Sample

221129-lxlglsgh52
MD5

543fe85883df394d4ea61612ecb8e866
SHA1

2a202e07fd81ff94c65c45fca46b6a3a582efb9b
SHA256

33ab184662978f5b319ce8a80fd7f8e329a215224922e49fb257c55dbb452673
SHA512

f3b06bfdeb7c7f9ebfd1447d27de297f203262576d121ccc0400de1b90396783c56058f3e0e452da40bada90a57e8404b1244494a5778c4d079444ead11e095f
SSDEEP

12288:IjmqGKwbFIBRczSvUwnXWrMA/bnS+XI70DQIXNFTwHUJr02O:IjgKw5IAmvtnGFLS+IgDZNpw0ap

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  33ab184662978f5b319ce8a80fd7f8e329a215224922e49fb257c55dbb452673
- Size
  
  708KB
- MD5
  
  543fe85883df394d4ea61612ecb8e866
- SHA1
  
  2a202e07fd81ff94c65c45fca46b6a3a582efb9b
- SHA256
  
  33ab184662978f5b319ce8a80fd7f8e329a215224922e49fb257c55dbb452673
- SHA512
  
  f3b06bfdeb7c7f9ebfd1447d27de297f203262576d121ccc0400de1b90396783c56058f3e0e452da40bada90a57e8404b1244494a5778c4d079444ead11e095f
- SSDEEP
  
  12288:IjmqGKwbFIBRczSvUwnXWrMA/bnS+XI70DQIXNFTwHUJr02O:IjgKw5IAmvtnGFLS+IgDZNpw0ap
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence