892753b7efc9c9c6d28738a03b6dbe4b45822a178e81bbce0ae6be9f95b3cf58 | Triage

Sharing

General

Target

Mensajes en cuarentena.zip
Size

952KB
Sample

230818-kem22shh5s
MD5

38bf0e60a7d124cd8245217e34fff4f3
SHA1

e88814f7a18369755bb53c5e06b4aab993f49801
SHA256

892753b7efc9c9c6d28738a03b6dbe4b45822a178e81bbce0ae6be9f95b3cf58
SHA512

74bd0957dba8356fb5cd4e69186377d1b7cc81d233cd182250e1734a610a462995311c4ea81d80ab98b551792e95eb3a9f607089aee5ae5563e9e429f8c17d15
SSDEEP

24576:q6l0xSWHsfA0liB3HHX58+uofjxKPAervim3RKohoL+0Z4m:q6la+JW5jFfjxKYW5bZm

Score

7^/10

Malware Config

Targets

- Target
  
  Saning.exe
- Size
  
  557KB
- MD5
  
  3819816ccf1fbbba8b1b2656ee96caa4
- SHA1
  
  5b63c9e503aaf570a59724db7657af24bb33c29f
- SHA256
  
  c132588c80da8f2677491f1551e5c33e9f946c2dc79ef798b2675affb85a3ecc
- SHA512
  
  bd6e7c5480e0fc4f1e52c08145d3348bd0674f9ae0e6faa875bc22e1b9359025872d2156998e55b77562a50a710a590ed9b7eb5f6a365ad21ea4037265d90579
- SSDEEP
  
  6144:LZ/qRr6PRb3dOEP5YrF8LibMbSfr0GSHHaD7DcpCtVTuA+a2dqc9KmqLPuyj+iId:LBXPB4M5mRbYSj0K7wmuAi9KHLPsi4ms
Score

7^/10
- Checks QEMU agent file
  Checks presence of QEMU agent, possibly to detect virtualization.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of SetThreadContext
behavioral1 behavioral2
- Target
  
  Saning.exe
- Size
  
  557KB
- MD5
  
  3819816ccf1fbbba8b1b2656ee96caa4
- SHA1
  
  5b63c9e503aaf570a59724db7657af24bb33c29f
- SHA256
  
  c132588c80da8f2677491f1551e5c33e9f946c2dc79ef798b2675affb85a3ecc
- SHA512
  
  bd6e7c5480e0fc4f1e52c08145d3348bd0674f9ae0e6faa875bc22e1b9359025872d2156998e55b77562a50a710a590ed9b7eb5f6a365ad21ea4037265d90579
- SSDEEP
  
  6144:LZ/qRr6PRb3dOEP5YrF8LibMbSfr0GSHHaD7DcpCtVTuA+a2dqc9KmqLPuyj+iId:LBXPB4M5mRbYSj0K7wmuAi9KHLPsi4ms
Score

7^/10
- Loads dropped DLL
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

behavioral3

behavioral4