4ad4b1410ed957d39985d24c613036f2b777dd2ed01a3ae7a9ab28e298f29ede | Triage

Resubmissions

09-02-2023 09:04

230209-k1zyqsdc3w 9

09-02-2023 08:58

230209-kxfexsda4t 9

Sharing

General

Target

00gif
Size

171KB
Sample

230209-kxfexsda4t
MD5

60827386e2d158fb3c2dff6ef19a6a3e
SHA1

7f687e70c319d419b91c85b4c8a027cae2876714
SHA256

4ad4b1410ed957d39985d24c613036f2b777dd2ed01a3ae7a9ab28e298f29ede
SHA512

a1a612af39d410ad6c5d17b016d8c0c9b4436203cc57616b436b18e40b715a4e80ab9b5419b4229b92a2a70e755a8eb41c8bda424fa503dc06ba5951f50a0bcc
SSDEEP

3072:8uZ6hcvJTZ9oVFBfnIyht8vPs1XQHBC92ePuH:dTN4HBnI2t8vPLu6

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  00gif
- Size
  
  171KB
- MD5
  
  60827386e2d158fb3c2dff6ef19a6a3e
- SHA1
  
  7f687e70c319d419b91c85b4c8a027cae2876714
- SHA256
  
  4ad4b1410ed957d39985d24c613036f2b777dd2ed01a3ae7a9ab28e298f29ede
- SHA512
  
  a1a612af39d410ad6c5d17b016d8c0c9b4436203cc57616b436b18e40b715a4e80ab9b5419b4229b92a2a70e755a8eb41c8bda424fa503dc06ba5951f50a0bcc
- SSDEEP
  
  3072:8uZ6hcvJTZ9oVFBfnIyht8vPs1XQHBC92ePuH:dTN4HBnI2t8vPLu6
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Remote System Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2