a741c6484ba47fedac87e4de8c083edf65e51bfb99595ba7a8fca7ea88fb9208 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a741c6484ba47fedac87e4de8c083edf65e51bfb99595ba7a8fca7ea88fb9208
Size

421KB
Sample

221130-3tyffaba2x
MD5

c40c578275399005c61b96e5fe3ca13a
SHA1

8492f3f2060bdf2ba42456cc12f5cd13b3550fda
SHA256

a741c6484ba47fedac87e4de8c083edf65e51bfb99595ba7a8fca7ea88fb9208
SHA512

699ee4075245e7f5bbf599e51a5eb5ea4aaf95bc16c0e1e337d721b5f0f029a199faa2d703c820c006b3d20963c8a63ec45ac19d245a2ece68a6537dc109fec8
SSDEEP

12288:JK/vL/3A/kqYd94FbA0cAt0jj5KCE2mbAJ62+QMr02ucUCP:JevL/Q/w40jj5LxA6MdQ2zUY

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  a741c6484ba47fedac87e4de8c083edf65e51bfb99595ba7a8fca7ea88fb9208
- Size
  
  421KB
- MD5
  
  c40c578275399005c61b96e5fe3ca13a
- SHA1
  
  8492f3f2060bdf2ba42456cc12f5cd13b3550fda
- SHA256
  
  a741c6484ba47fedac87e4de8c083edf65e51bfb99595ba7a8fca7ea88fb9208
- SHA512
  
  699ee4075245e7f5bbf599e51a5eb5ea4aaf95bc16c0e1e337d721b5f0f029a199faa2d703c820c006b3d20963c8a63ec45ac19d245a2ece68a6537dc109fec8
- SSDEEP
  
  12288:JK/vL/3A/kqYd94FbA0cAt0jj5KCE2mbAJ62+QMr02ucUCP:JevL/Q/w40jj5LxA6MdQ2zUY
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence