56863316a5dd08a0c2a29b22762388a205183f9d9d952cba9750930cd812b9ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56863316a5dd08a0c2a29b22762388a205183f9d9d952cba9750930cd812b9ab
Size

1.8MB
Sample

231011-mflaysge8v
MD5

0c90f28a4b7e6c6ecd576fb63c6c58d7
SHA1

5c89aba695e31dfd0fcb2fcebaae6bc7a2110a1b
SHA256

56863316a5dd08a0c2a29b22762388a205183f9d9d952cba9750930cd812b9ab
SHA512

117a151f295a393e9a9a6edccc997f73190749c43d751f8fe71d3bbb5ed7e117aac257241854b8823849d781fe1ec02ad608de5623c02a5f911262effeebec5d
SSDEEP

24576:oXqM74u6Ua0bx+Gx9vmDFrfajHY3usxuthJDcSY:ot4vjmHxVmDFbe9h4

Score

9^/10

evasion persistence

Malware Config

Targets

- Target
  
  56863316a5dd08a0c2a29b22762388a205183f9d9d952cba9750930cd812b9ab
- Size
  
  1.8MB
- MD5
  
  0c90f28a4b7e6c6ecd576fb63c6c58d7
- SHA1
  
  5c89aba695e31dfd0fcb2fcebaae6bc7a2110a1b
- SHA256
  
  56863316a5dd08a0c2a29b22762388a205183f9d9d952cba9750930cd812b9ab
- SHA512
  
  117a151f295a393e9a9a6edccc997f73190749c43d751f8fe71d3bbb5ed7e117aac257241854b8823849d781fe1ec02ad608de5623c02a5f911262effeebec5d
- SSDEEP
  
  24576:oXqM74u6Ua0bx+Gx9vmDFrfajHY3usxuthJDcSY:ot4vjmHxVmDFbe9h4
Score

9^/10

evasion persistence
- Looks for VirtualBox drivers on disk
  evasion
- Adds Run key to start application
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

File and Directory Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence