b3a4de2800f1e00855b4e9659c3adc2e3dc087df32ade2bc8a67e32095e21229 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b3a4de2800f1e00855b4e9659c3adc2e3dc087df32ade2bc8a67e32095e21229
Size

316KB
Sample

230930-phtq8abf7t
MD5

9d343742e76f842404de5088072ffeaf
SHA1

692f88c4ac9cde10c0ca38eb883b0a139237c1cd
SHA256

b3a4de2800f1e00855b4e9659c3adc2e3dc087df32ade2bc8a67e32095e21229
SHA512

4f39fc50d5f63263f2cdd27f45c7f6ca06dab1a65285a0da930ec6e366d6597fa2ed854f0f1f87dd210973144a180d7b0d0963a21d606c9ce732963c9db0ea19
SSDEEP

3072:xhZ8dpBTUp/s9tuT+QpFGDmEcG9ro3lFsHj0X+Zdn2AJqP/MZpJrynt6B8PQ:/Z8dpBTUpIuT+iFGDHcG+1SD0XYpkoB

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  b3a4de2800f1e00855b4e9659c3adc2e3dc087df32ade2bc8a67e32095e21229
- Size
  
  316KB
- MD5
  
  9d343742e76f842404de5088072ffeaf
- SHA1
  
  692f88c4ac9cde10c0ca38eb883b0a139237c1cd
- SHA256
  
  b3a4de2800f1e00855b4e9659c3adc2e3dc087df32ade2bc8a67e32095e21229
- SHA512
  
  4f39fc50d5f63263f2cdd27f45c7f6ca06dab1a65285a0da930ec6e366d6597fa2ed854f0f1f87dd210973144a180d7b0d0963a21d606c9ce732963c9db0ea19
- SSDEEP
  
  3072:xhZ8dpBTUp/s9tuT+QpFGDmEcG9ro3lFsHj0X+Zdn2AJqP/MZpJrynt6B8PQ:/Z8dpBTUpIuT+iFGDHcG+1SD0XYpkoB
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2