91676e5bcfa10bcdc19ac6147c6f69d4451659a09a4e6e2f7e5d8b8ab1124bff | Triage

Sharing

General

Target

91676e5bcfa10bcdc19ac6147c6f69d4451659a09a4e6e2f7e5d8b8ab1124bff
Size

1.0MB
Sample

221205-ppln7adg9v
MD5

00802ce41e276b9f91eabd6449d724a4
SHA1

d8e79475b018b8266711ea93befba8df50a48717
SHA256

91676e5bcfa10bcdc19ac6147c6f69d4451659a09a4e6e2f7e5d8b8ab1124bff
SHA512

070c17c86fe50c464a74600c2f02d0ca5e1f0ac5c23e4fc0715b141d4c9258b4b3a315c520f57b0f074bc71f9ce01a92bea47064d862226a2af8c8ca6c198863
SSDEEP

24576:0Fi+SxhGnZHQAxGotipKYmZrwze4jCIg8UJcDuG0cooPApcAWDqxPZ:0FhSxsnlXAoJZj42IgzyqFcjPNAWDIZ

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  91676e5bcfa10bcdc19ac6147c6f69d4451659a09a4e6e2f7e5d8b8ab1124bff
- Size
  
  1.0MB
- MD5
  
  00802ce41e276b9f91eabd6449d724a4
- SHA1
  
  d8e79475b018b8266711ea93befba8df50a48717
- SHA256
  
  91676e5bcfa10bcdc19ac6147c6f69d4451659a09a4e6e2f7e5d8b8ab1124bff
- SHA512
  
  070c17c86fe50c464a74600c2f02d0ca5e1f0ac5c23e4fc0715b141d4c9258b4b3a315c520f57b0f074bc71f9ce01a92bea47064d862226a2af8c8ca6c198863
- SSDEEP
  
  24576:0Fi+SxhGnZHQAxGotipKYmZrwze4jCIg8UJcDuG0cooPApcAWDqxPZ:0FhSxsnlXAoJZj42IgzyqFcjPNAWDIZ
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence