74691fa47734de24aa1fade9ce88c764f9fb2106c55075ba9a011d4fbfbfa769 | Triage

Sharing

General

Target

74691fa47734de24aa1fade9ce88c764f9fb2106c55075ba9a011d4fbfbfa769
Size

391KB
Sample

221201-dy1nxsea8t
MD5

9c6e6a09de44e0702ccaa16928b62017
SHA1

9c249ab1ab18c2bd4d97b4accfa8ddd014b45df1
SHA256

74691fa47734de24aa1fade9ce88c764f9fb2106c55075ba9a011d4fbfbfa769
SHA512

ff58ee209d928d5e2b16728347aa51555799c9f5926a46c2575fdcce3a3f6eb32d2674f639d1542c620957a82ce92d02ac76def4d0cec4256021643e3f20b3f4
SSDEEP

12288:PuAc8TKS2C0ex+za4v4gLD7dHx2WCCxoS:PuAc8TN2CQ9v4uT2WCCCS

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  74691fa47734de24aa1fade9ce88c764f9fb2106c55075ba9a011d4fbfbfa769
- Size
  
  391KB
- MD5
  
  9c6e6a09de44e0702ccaa16928b62017
- SHA1
  
  9c249ab1ab18c2bd4d97b4accfa8ddd014b45df1
- SHA256
  
  74691fa47734de24aa1fade9ce88c764f9fb2106c55075ba9a011d4fbfbfa769
- SHA512
  
  ff58ee209d928d5e2b16728347aa51555799c9f5926a46c2575fdcce3a3f6eb32d2674f639d1542c620957a82ce92d02ac76def4d0cec4256021643e3f20b3f4
- SSDEEP
  
  12288:PuAc8TKS2C0ex+za4v4gLD7dHx2WCCxoS:PuAc8TN2CQ9v4uT2WCCCS
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence