a8e3b0c7341fae83e3a6d556e3ced6383278fe08ccf50811520941b6aa858475 | Triage

Sharing

General

Target

a8e3b0c7341fae83e3a6d556e3ced6383278fe08ccf50811520941b6aa858475
Size

710KB
Sample

221201-yl6pmahh7z
MD5

528429c7e572abd5fe01739d07366f5e
SHA1

3e489bef4560afdc25eb0457ca43f24a2906fc63
SHA256

a8e3b0c7341fae83e3a6d556e3ced6383278fe08ccf50811520941b6aa858475
SHA512

530a6b0fddf5add8b02f11f7b56a2d25c29de9bef0b9533364cdd6a0c1a49781714505a501ee37ecd17f005444fad3549d786055b1fc8132b9a21733b96b5fd1
SSDEEP

12288:dphsZo6I0Q8zXO7mPsNjAY1/setghtXpNSrws99A4FCG:dpCZTVFzXSmPiJRZtw5NLs99A8d

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  a8e3b0c7341fae83e3a6d556e3ced6383278fe08ccf50811520941b6aa858475
- Size
  
  710KB
- MD5
  
  528429c7e572abd5fe01739d07366f5e
- SHA1
  
  3e489bef4560afdc25eb0457ca43f24a2906fc63
- SHA256
  
  a8e3b0c7341fae83e3a6d556e3ced6383278fe08ccf50811520941b6aa858475
- SHA512
  
  530a6b0fddf5add8b02f11f7b56a2d25c29de9bef0b9533364cdd6a0c1a49781714505a501ee37ecd17f005444fad3549d786055b1fc8132b9a21733b96b5fd1
- SSDEEP
  
  12288:dphsZo6I0Q8zXO7mPsNjAY1/setghtXpNSrws99A4FCG:dpCZTVFzXSmPiJRZtw5NLs99A8d
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2