General
Target: source_prepared.exe
Size: 80.2MB
Sample: 230919-ydewyabf6w
MD5: 6e726df58046946e23312bef7da424ae
SHA1: d887c4b61c4e59f9546c5bd38a28458ef7aca981
SHA256: 7e852645ff43019e57c0af11f1f802d215cea037f89c3c1d34aa22521ad37c36
SHA512: 3b3bbc23fdc4cb70dafb07c12f564061f99e702049faa7684246f39373a34e7788348aa28ba2dba9131e1e43929e26941d06d4bfd878845578fe033d7d6ca417
SSDEEP: 1572864:l2MTiQYHuiEH/E7lftaDtWWc2Mp6SbDirAH8+1osuTCSxOB6xMbWuamrBDzzg:lZTixO3HPhlc2gnbDS6xjKcBaOvamrxQ
Behavioral task: behavioral1
Sample: source_prepared.exe
Resource: win10v2004-20230915-en
Malware Config
Targets
Target: source_prepared.exe
Score: 9/10
Enumerates VirtualBox DLL files
Executes dropped EXE
Loads dropped DLL
Modifies system executable filetype association
Registers COM server for autorun
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
Checks system information in the registry
System information is often read in order to detect sandboxing environments.
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Event Triggered Execution (1)
Change Default File Association (1)
Privilege Escalation
Boot or Logon Autostart Execution (2)
Registry Run Keys / Startup Folder (2)
Event Triggered Execution (1)
Change Default File Association (1)