bcc9e643dfb7bf2f64fa72b1e8cfb4f111bb546c173ae09e700f49db3a9f7ab0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bcc9e643dfb7bf2f64fa72b1e8cfb4f111bb546c173ae09e700f49db3a9f7ab0
Size

715KB
Sample

221201-lcxn5sea54
MD5

df7c419bc03405b90b5fc6b5d79a45cb
SHA1

2411113f613e011b8187f70dd89f0349ea3b937d
SHA256

bcc9e643dfb7bf2f64fa72b1e8cfb4f111bb546c173ae09e700f49db3a9f7ab0
SHA512

5d604d141e4955ec408f176258d663f5ff524d014a558f6b36decbab08c54ab0f2bcc4b8f29b48c0d52ac6c3d3c17519ef6081ae3097f5ae19daec1c0bbba308
SSDEEP

12288:L6H4lgph9uw8TXJelx1bW0/Ae5mwLaENaNkhFyx0xlRJXvHvoVtC6oDF5v:L6KgkwiXIlRYe5LaENa4o0RJXvPozChz

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  bcc9e643dfb7bf2f64fa72b1e8cfb4f111bb546c173ae09e700f49db3a9f7ab0
- Size
  
  715KB
- MD5
  
  df7c419bc03405b90b5fc6b5d79a45cb
- SHA1
  
  2411113f613e011b8187f70dd89f0349ea3b937d
- SHA256
  
  bcc9e643dfb7bf2f64fa72b1e8cfb4f111bb546c173ae09e700f49db3a9f7ab0
- SHA512
  
  5d604d141e4955ec408f176258d663f5ff524d014a558f6b36decbab08c54ab0f2bcc4b8f29b48c0d52ac6c3d3c17519ef6081ae3097f5ae19daec1c0bbba308
- SSDEEP
  
  12288:L6H4lgph9uw8TXJelx1bW0/Ae5mwLaENaNkhFyx0xlRJXvHvoVtC6oDF5v:L6KgkwiXIlRYe5LaENa4o0RJXvPozChz
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2