a50d1dfe214a9f9eaad22522438ed55f4ae2624fe0f2057c136b274e214bea2b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a50d1dfe214a9f9eaad22522438ed55f4ae2624fe0f2057c136b274e214bea2b
Size

777KB
Sample

221201-ywt4ksfg34
MD5

8c62b3b941b6f46223d51b0fc34d92cb
SHA1

93556867e53784733743a648b6c9e5261be3f8ea
SHA256

a50d1dfe214a9f9eaad22522438ed55f4ae2624fe0f2057c136b274e214bea2b
SHA512

dcde82965588455a09a9b767044a248c48fb45ff90cd95496a4eebd64d66b296a9754c9c8a50b302171ac23617aaa7622a2744db99461bb74b307ab83c5a0e16
SSDEEP

24576:Wap3ZY4PDqpiWn1pbUKKQrDopDJ7lEGmC:x3xOTPQKKyD4JREJC

Score

7^/10

evasion trojan

Malware Config

Targets

- Target
  
  a50d1dfe214a9f9eaad22522438ed55f4ae2624fe0f2057c136b274e214bea2b
- Size
  
  777KB
- MD5
  
  8c62b3b941b6f46223d51b0fc34d92cb
- SHA1
  
  93556867e53784733743a648b6c9e5261be3f8ea
- SHA256
  
  a50d1dfe214a9f9eaad22522438ed55f4ae2624fe0f2057c136b274e214bea2b
- SHA512
  
  dcde82965588455a09a9b767044a248c48fb45ff90cd95496a4eebd64d66b296a9754c9c8a50b302171ac23617aaa7622a2744db99461bb74b307ab83c5a0e16
- SSDEEP
  
  24576:Wap3ZY4PDqpiWn1pbUKKQrDopDJ7lEGmC:x3xOTPQKKyD4JREJC
Score

7^/10

evasion trojan
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2