df980381c255db03682bacf2a6931ee0f49846aaef0e6170d393fa3dd8e75823 | Triage

Sharing

General

Target

df980381c255db03682bacf2a6931ee0f49846aaef0e6170d393fa3dd8e75823
Size

494KB
Sample

221204-rb7qlseg33
MD5

c157719d0c33e2c8f93cd119be15ffd7
SHA1

7c9a9f3c9048958a8c65737b19a9e4a3cce1424b
SHA256

df980381c255db03682bacf2a6931ee0f49846aaef0e6170d393fa3dd8e75823
SHA512

9cd7eca48ab5efe17c7d2ea0d657d59a57ac5418538d087d280b86ab629fc1cb221e37b97df5328c4dabf8ce0375af0fda92579d50e2e85c51178463210157f8
SSDEEP

12288:adxn0zTR3VTGrwsCVdv5uILrMZ3MT7hKemV9tiqUltUZwln:a4R3deoVdv5uIYghKLhywwl

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  df980381c255db03682bacf2a6931ee0f49846aaef0e6170d393fa3dd8e75823
- Size
  
  494KB
- MD5
  
  c157719d0c33e2c8f93cd119be15ffd7
- SHA1
  
  7c9a9f3c9048958a8c65737b19a9e4a3cce1424b
- SHA256
  
  df980381c255db03682bacf2a6931ee0f49846aaef0e6170d393fa3dd8e75823
- SHA512
  
  9cd7eca48ab5efe17c7d2ea0d657d59a57ac5418538d087d280b86ab629fc1cb221e37b97df5328c4dabf8ce0375af0fda92579d50e2e85c51178463210157f8
- SSDEEP
  
  12288:adxn0zTR3VTGrwsCVdv5uILrMZ3MT7hKemV9tiqUltUZwln:a4R3deoVdv5uIYghKLhywwl
Score

9^/10

evasion
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2