b3ae8a0aafcf5c80de6c034fb9c639ba3957d3d94ea4b0ca39b94ff21e4a3f94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3ae8a0aafcf5c80de6c034fb9c639ba3957d3d94ea4b0ca39b94ff21e4a3f94
Size

696KB
Sample

221203-sbtpesaf43
MD5

dc40d2cee90b743e3a53fed422564433
SHA1

172a7a49c48e6670782095040b049d2365734295
SHA256

b3ae8a0aafcf5c80de6c034fb9c639ba3957d3d94ea4b0ca39b94ff21e4a3f94
SHA512

3ed9b659fbcbbe6076e797bcce9f270ce15f86b3749210a78a2d6129724688843322d8e415ec72477b59f8faa971750f6f2c2c74dfa050efd45d73e30420381a
SSDEEP

12288:i/zk8tALgHeuljwMhVGJzbZH2kZOOaGMln1:Gg8HZlsnJOdr1

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  b3ae8a0aafcf5c80de6c034fb9c639ba3957d3d94ea4b0ca39b94ff21e4a3f94
- Size
  
  696KB
- MD5
  
  dc40d2cee90b743e3a53fed422564433
- SHA1
  
  172a7a49c48e6670782095040b049d2365734295
- SHA256
  
  b3ae8a0aafcf5c80de6c034fb9c639ba3957d3d94ea4b0ca39b94ff21e4a3f94
- SHA512
  
  3ed9b659fbcbbe6076e797bcce9f270ce15f86b3749210a78a2d6129724688843322d8e415ec72477b59f8faa971750f6f2c2c74dfa050efd45d73e30420381a
- SSDEEP
  
  12288:i/zk8tALgHeuljwMhVGJzbZH2kZOOaGMln1:Gg8HZlsnJOdr1
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2