a8a3d5c67349345d5a6f0906cb9da7bf7f8397392717377d14da2785e2559a37 | Triage

Sharing

General

Target

a8a3d5c67349345d5a6f0906cb9da7bf7f8397392717377d14da2785e2559a37
Size

784KB
Sample

221201-jrqg9sgh45
MD5

384457d1ca48161017ad379c6a0ac4e0
SHA1

fff416d61c3a07d130ee6e1c1affbf2d7266f166
SHA256

a8a3d5c67349345d5a6f0906cb9da7bf7f8397392717377d14da2785e2559a37
SHA512

28897bc6d5fa77087b34e4c66a85249cb08596b64845c5e78708482d97c505b8b824e1c7acdafafea4b79a102260ef1e70fc03665f0b981e17e75a7dc28ac05b
SSDEEP

12288:GefX5bxGTsLvx/WvBLlmDLI/wA0qSniuMVGnmjKnRlgqdQ3QCNTL:GUX5dDFWLUkWqSnZMknmMIfr5L

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  a8a3d5c67349345d5a6f0906cb9da7bf7f8397392717377d14da2785e2559a37
- Size
  
  784KB
- MD5
  
  384457d1ca48161017ad379c6a0ac4e0
- SHA1
  
  fff416d61c3a07d130ee6e1c1affbf2d7266f166
- SHA256
  
  a8a3d5c67349345d5a6f0906cb9da7bf7f8397392717377d14da2785e2559a37
- SHA512
  
  28897bc6d5fa77087b34e4c66a85249cb08596b64845c5e78708482d97c505b8b824e1c7acdafafea4b79a102260ef1e70fc03665f0b981e17e75a7dc28ac05b
- SSDEEP
  
  12288:GefX5bxGTsLvx/WvBLlmDLI/wA0qSniuMVGnmjKnRlgqdQ3QCNTL:GUX5dDFWLUkWqSnZMknmMIfr5L
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2