c1bae889da7252c8aa7c7446117a0dfd0e285621de369f5a9c204ac5662b11dd | Triage

Resubmissions

07/02/2023, 14:13

230207-rjd39sfc9s 10

07/02/2023, 14:08

230207-rfx2zaca82 9

Sharing

General

Target

wbroidpyUsiqfHRGEXoN-Q4oViHeNp9anCBKxWYrEd0.bin
Size

143KB
Sample

230207-rfx2zaca82
MD5

920625c516d7184fed4610279dd6c164
SHA1

6e1fc17dd3965d707a29f0ca2ad01f693fe506b6
SHA256

c1bae889da7252c8aa7c7446117a0dfd0e285621de369f5a9c204ac5662b11dd
SHA512

3a6b0b7bb654384699f06db91f8bc287be128f6dc57e6fb2d19129d2557e04f311b6201a8783483790751645c0df8d702265bed7d09380019d09ceee74052058
SSDEEP

3072:8uZ6hcvJTZ9oVFBfnIyht8vPs1XQHBC92ePuH:dTN4HBnI2t8vPLu6

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  wbroidpyUsiqfHRGEXoN-Q4oViHeNp9anCBKxWYrEd0.bin
- Size
  
  143KB
- MD5
  
  920625c516d7184fed4610279dd6c164
- SHA1
  
  6e1fc17dd3965d707a29f0ca2ad01f693fe506b6
- SHA256
  
  c1bae889da7252c8aa7c7446117a0dfd0e285621de369f5a9c204ac5662b11dd
- SHA512
  
  3a6b0b7bb654384699f06db91f8bc287be128f6dc57e6fb2d19129d2557e04f311b6201a8783483790751645c0df8d702265bed7d09380019d09ceee74052058
- SSDEEP
  
  3072:8uZ6hcvJTZ9oVFBfnIyht8vPs1XQHBC92ePuH:dTN4HBnI2t8vPLu6
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2