5657f31274c034f2945f6b72f9e3e6a2e25b8036046dc45a9cd4188e290aaecc | Triage

Sharing

General

Target

5657f31274c034f2945f6b72f9e3e6a2e25b8036046dc45a9cd4188e290aaecc
Size

771KB
Sample

221201-fq9yqsfg99
MD5

d3ba2f4e508c642352d6d93896388143
SHA1

5a16647b7d2769e436f906666dbacf417513727a
SHA256

5657f31274c034f2945f6b72f9e3e6a2e25b8036046dc45a9cd4188e290aaecc
SHA512

b950644a40f51719214c867abc7772b4412f994ca21ac3707d2ea662c5474cb98c3b1c2761c965b6686a74a28695ed80493defc500b91ef92e4d0864c1e3ab61
SSDEEP

24576:NHTktpMeMxHvF0hNPqifk3yPSd4JWweBB:V02bxN0hN01d

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  5657f31274c034f2945f6b72f9e3e6a2e25b8036046dc45a9cd4188e290aaecc
- Size
  
  771KB
- MD5
  
  d3ba2f4e508c642352d6d93896388143
- SHA1
  
  5a16647b7d2769e436f906666dbacf417513727a
- SHA256
  
  5657f31274c034f2945f6b72f9e3e6a2e25b8036046dc45a9cd4188e290aaecc
- SHA512
  
  b950644a40f51719214c867abc7772b4412f994ca21ac3707d2ea662c5474cb98c3b1c2761c965b6686a74a28695ed80493defc500b91ef92e4d0864c1e3ab61
- SSDEEP
  
  24576:NHTktpMeMxHvF0hNPqifk3yPSd4JWweBB:V02bxN0hN01d
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2