5fb7f3fac0a9b9ab243ee642a0775500c524166ef075035c9510ccbab76ad633 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

big.jpg
Size

147KB
Sample

230207-3c5s7agb53
MD5

a1855f2ba0179e3f10fab3ecd4032cf6
SHA1

7f680c032712170a75ff1a12f646dd94b318f627
SHA256

5fb7f3fac0a9b9ab243ee642a0775500c524166ef075035c9510ccbab76ad633
SHA512

654bd37874590b7be821ef6a2bbcff24f95f6e9d6e572e8e3bac651ec01e5f614512f93c3144df4be955a509a7382747f3e274e6be0311f624875a2c6269f16a
SSDEEP

3072:8uZ6hcvJTZ9oVFBfnIyht8vPs1XQHBC92ePuH:dTN4HBnI2t8vPLu6

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  big.jpg
- Size
  
  147KB
- MD5
  
  a1855f2ba0179e3f10fab3ecd4032cf6
- SHA1
  
  7f680c032712170a75ff1a12f646dd94b318f627
- SHA256
  
  5fb7f3fac0a9b9ab243ee642a0775500c524166ef075035c9510ccbab76ad633
- SHA512
  
  654bd37874590b7be821ef6a2bbcff24f95f6e9d6e572e8e3bac651ec01e5f614512f93c3144df4be955a509a7382747f3e274e6be0311f624875a2c6269f16a
- SSDEEP
  
  3072:8uZ6hcvJTZ9oVFBfnIyht8vPs1XQHBC92ePuH:dTN4HBnI2t8vPLu6
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2