707d8b322b6ae7c70344034b7802b1ddcca766114425f9ae212bc79394cb4aeb | Triage

Resubmissions

12-10-2023 03:24

231012-dyhs4sce9w 8

17-09-2023 21:25

230917-z9paxscg7t 8

17-09-2023 21:06

230917-zxs4cacg4s 8

17-09-2023 20:58

230917-zscwkafc29 8

Sharing

General

Target

VTYaQsAA0Hei.exe
Size

5.8MB
Sample

230917-z9paxscg7t
MD5

284fb670fe2bc13889345537218dc883
SHA1

6a0f9bf98ae4417fbad3681bc57e7f795e40b160
SHA256

707d8b322b6ae7c70344034b7802b1ddcca766114425f9ae212bc79394cb4aeb
SHA512

9f3b34b97dc56622cafe89fc1f913a9ce61a43c4ac7fa65b1a0f229289fe8e139f8163953be6bb924d2909ed2c707d2b6552c06596bf1097ea665fd6e5935bcf
SSDEEP

98304:irb/nXZD75WXGVuJB1687EcfM6tQ1DmcJSLROcZbVO3WS8iWQNekngFVDXnd:irb/nXhtFm68rfRt4mGSLR/ZEmSdNZgB

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  VTYaQsAA0Hei.exe
- Size
  
  5.8MB
- MD5
  
  284fb670fe2bc13889345537218dc883
- SHA1
  
  6a0f9bf98ae4417fbad3681bc57e7f795e40b160
- SHA256
  
  707d8b322b6ae7c70344034b7802b1ddcca766114425f9ae212bc79394cb4aeb
- SHA512
  
  9f3b34b97dc56622cafe89fc1f913a9ce61a43c4ac7fa65b1a0f229289fe8e139f8163953be6bb924d2909ed2c707d2b6552c06596bf1097ea665fd6e5935bcf
- SSDEEP
  
  98304:irb/nXZD75WXGVuJB1687EcfM6tQ1DmcJSLROcZbVO3WS8iWQNekngFVDXnd:irb/nXhtFm68rfRt4mGSLR/ZEmSdNZgB
Score

8^/10

evasion
- Looks for VMWare services registry key.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2