ac734a8fcfc48bf4bb486a369eb08a498e1a460c0bd56cb61480ad3abde708c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ac734a8fcfc48bf4bb486a369eb08a498e1a460c0bd56cb61480ad3abde708c2
Size

658KB
Sample

221130-3grr5aee43
MD5

239920fbbe7ac170460d675653baaa76
SHA1

2589ec96f37a44fcbebf0dc72e4d5289de51473e
SHA256

ac734a8fcfc48bf4bb486a369eb08a498e1a460c0bd56cb61480ad3abde708c2
SHA512

b6501f4c444f6ad803fb3d8f130d525c0551f85e0bdc3750d08c3edc9844d9b2052ceaea385071d1faa95c714a74deeb57c29ca752189016e5de68de6d17c3fa
SSDEEP

12288:3NmbRxS6KUCMKTMS19QtV3496ykQSbrjjuckXZJNH0hBcef5bm:38DzKpff1StVIDe9SQcef5

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  ac734a8fcfc48bf4bb486a369eb08a498e1a460c0bd56cb61480ad3abde708c2
- Size
  
  658KB
- MD5
  
  239920fbbe7ac170460d675653baaa76
- SHA1
  
  2589ec96f37a44fcbebf0dc72e4d5289de51473e
- SHA256
  
  ac734a8fcfc48bf4bb486a369eb08a498e1a460c0bd56cb61480ad3abde708c2
- SHA512
  
  b6501f4c444f6ad803fb3d8f130d525c0551f85e0bdc3750d08c3edc9844d9b2052ceaea385071d1faa95c714a74deeb57c29ca752189016e5de68de6d17c3fa
- SSDEEP
  
  12288:3NmbRxS6KUCMKTMS19QtV3496ykQSbrjjuckXZJNH0hBcef5bm:38DzKpff1StVIDe9SQcef5
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence