68602789df4c2be14c7504de26c94583ebe20bde78778f199597678bf7e19615 | Triage

Sharing

General

Target

68602789df4c2be14c7504de26c94583ebe20bde78778f199597678bf7e19615
Size

5.5MB
Sample

230111-c2mqssea91
MD5

f7d01887a78b0a733bb24ef02e60587e
SHA1

feffef1c8bec053a3e4d2eae47392bafc902d3d4
SHA256

68602789df4c2be14c7504de26c94583ebe20bde78778f199597678bf7e19615
SHA512

2ca9f455fd19455ebc5b197fa46388e3324860601ecb92faaf1718258618e68a7a80b877d78becf912e2c9fd62144e184b7b802b07585ed55ffb80425578d4aa
SSDEEP

98304:9KVqwunsy/L7pnEuTVHf+lRVhdYGTiv1LJbs2jkRgi0WAFj58EUlFM1oUd85ioHl:9AYsy/LFEAV/+vVL61NTw9ImEUAeUE

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  68602789df4c2be14c7504de26c94583ebe20bde78778f199597678bf7e19615
- Size
  
  5.5MB
- MD5
  
  f7d01887a78b0a733bb24ef02e60587e
- SHA1
  
  feffef1c8bec053a3e4d2eae47392bafc902d3d4
- SHA256
  
  68602789df4c2be14c7504de26c94583ebe20bde78778f199597678bf7e19615
- SHA512
  
  2ca9f455fd19455ebc5b197fa46388e3324860601ecb92faaf1718258618e68a7a80b877d78becf912e2c9fd62144e184b7b802b07585ed55ffb80425578d4aa
- SSDEEP
  
  98304:9KVqwunsy/L7pnEuTVHf+lRVhdYGTiv1LJbs2jkRgi0WAFj58EUlFM1oUd85ioHl:9AYsy/LFEAV/+vVL61NTw9ImEUAeUE
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2