56fc0160e4b1c6029b1c5fec78a15f43a7aed6738cb5f910b642aee21f562fe1 | Triage

Sharing

General

Target

56fc0160e4b1c6029b1c5fec78a15f43a7aed6738cb5f910b642aee21f562fe1
Size

497KB
Sample

221130-mew13abg32
MD5

910822b6a33fb5aed70c733bd93e7978
SHA1

3a5c575933574ffd58aeca6f5a8ea6b3ef5bc55f
SHA256

56fc0160e4b1c6029b1c5fec78a15f43a7aed6738cb5f910b642aee21f562fe1
SHA512

6242bf2ddf944069431ffc0e30dfec60eb77ebe0f45cbbca864d542fa776895a9301e770bf7d347c4038a7618746829222ea23f4dcf485cd1cb18da5943b9228
SSDEEP

12288:2zZwfyyqWi0g01Z7FTG/XQ+03rO58HBpdaHYxoT4G:2z0Xqv8JTe0DHBp4HUoUG

Score

9^/10

evasion upx

Malware Config

Targets

- Target
  
  56fc0160e4b1c6029b1c5fec78a15f43a7aed6738cb5f910b642aee21f562fe1
- Size
  
  497KB
- MD5
  
  910822b6a33fb5aed70c733bd93e7978
- SHA1
  
  3a5c575933574ffd58aeca6f5a8ea6b3ef5bc55f
- SHA256
  
  56fc0160e4b1c6029b1c5fec78a15f43a7aed6738cb5f910b642aee21f562fe1
- SHA512
  
  6242bf2ddf944069431ffc0e30dfec60eb77ebe0f45cbbca864d542fa776895a9301e770bf7d347c4038a7618746829222ea23f4dcf485cd1cb18da5943b9228
- SSDEEP
  
  12288:2zZwfyyqWi0g01Z7FTG/XQ+03rO58HBpdaHYxoT4G:2z0Xqv8JTe0DHBp4HUoUG
Score

9^/10

evasion upx
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Drops file in Drivers directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Software Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2