6cff78aa6be208a46ad15f4830ab01f8e449482ad438fbe24fe6d06d2f2bdf12 | Triage

Sharing

General

Target

6cff78aa6be208a46ad15f4830ab01f8e449482ad438fbe24fe6d06d2f2bdf12
Size

1.1MB
Sample

221206-yy8dzsaa82
MD5

05f29cfee1c61a12e0a7078c86a3cb88
SHA1

5e8e96f3a8788bf25dfd76c3649fed4f4ebc9c2d
SHA256

6cff78aa6be208a46ad15f4830ab01f8e449482ad438fbe24fe6d06d2f2bdf12
SHA512

cba1b2c212988fca1d27a6856dfc6d1c165be7963d0d2f9082620d2fee59ba29414c694539b682ce86f7dc667196b38dafd662c9ef1d98cd1b2e8bc625646f79
SSDEEP

24576:FlbBimdr+d793uBNB9ouyROHzPK7FqA/2YkRU86JG:FlbBH+d7VKD9ouywTPEUyruUb

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  6cff78aa6be208a46ad15f4830ab01f8e449482ad438fbe24fe6d06d2f2bdf12
- Size
  
  1.1MB
- MD5
  
  05f29cfee1c61a12e0a7078c86a3cb88
- SHA1
  
  5e8e96f3a8788bf25dfd76c3649fed4f4ebc9c2d
- SHA256
  
  6cff78aa6be208a46ad15f4830ab01f8e449482ad438fbe24fe6d06d2f2bdf12
- SHA512
  
  cba1b2c212988fca1d27a6856dfc6d1c165be7963d0d2f9082620d2fee59ba29414c694539b682ce86f7dc667196b38dafd662c9ef1d98cd1b2e8bc625646f79
- SSDEEP
  
  24576:FlbBimdr+d793uBNB9ouyROHzPK7FqA/2YkRU86JG:FlbBH+d7VKD9ouywTPEUyruUb
Score

9^/10

evasion persistence
- Checks for common network interception software
  Looks in the registry for tools like Wireshark or Fiddler commonly used to analyze network activity.
  evasion
- Enumerates VirtualBox registry keys
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Software Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

evasionpersistence