441ecdd8f26302808b7acae5b9462d5735b244ae1010045fbc117e2a7475f1a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

441ecdd8f26302808b7acae5b9462d5735b244ae1010045fbc117e2a7475f1a4
Size

837KB
Sample

221202-aayb4sdf99
MD5

b545be6ae3b2703a9703a86db2b842f1
SHA1

a7377075de9d5c2b4295524dcce439bb20786a71
SHA256

441ecdd8f26302808b7acae5b9462d5735b244ae1010045fbc117e2a7475f1a4
SHA512

ac65b5bbda8b4f9f74aecd6119ff0c3caabad99fae1057bd3f37e186caddc499e0c742c6ac2cde0c533815f8da77e1eb4d9cfbd837965c9b5ee0a4272337efef
SSDEEP

24576:yigRBr5MucSyZZh4sk0a73AGNkTZkvsRcjpN:y3/rhGn6sroNk8sC9N

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  441ecdd8f26302808b7acae5b9462d5735b244ae1010045fbc117e2a7475f1a4
- Size
  
  837KB
- MD5
  
  b545be6ae3b2703a9703a86db2b842f1
- SHA1
  
  a7377075de9d5c2b4295524dcce439bb20786a71
- SHA256
  
  441ecdd8f26302808b7acae5b9462d5735b244ae1010045fbc117e2a7475f1a4
- SHA512
  
  ac65b5bbda8b4f9f74aecd6119ff0c3caabad99fae1057bd3f37e186caddc499e0c742c6ac2cde0c533815f8da77e1eb4d9cfbd837965c9b5ee0a4272337efef
- SSDEEP
  
  24576:yigRBr5MucSyZZh4sk0a73AGNkTZkvsRcjpN:y3/rhGn6sroNk8sC9N
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2