3d4dd39b2e43fa5723c7f58622e0af5a4abac55d227e6c3063d58a73d46d2949 | Triage

Sharing

General

Target

cevents.exe
Size

8.1MB
Sample

231014-d86mxsgc45
MD5

951c95b7aefb23b3970ed13aa8d1a301
SHA1

75b9924955e775e53ebae22466fa0554be0488ea
SHA256

3d4dd39b2e43fa5723c7f58622e0af5a4abac55d227e6c3063d58a73d46d2949
SHA512

16583e7eafd1a4dc1b5a786972c7cdda86aeb959f96dc9c40f59e6c6e3d15f0d8596172daa0d0fb8b6922f2392d4d3d11e14005c32d74d98c096a4faaa73c342
SSDEEP

98304:NhJgRMkSKX2N5yWurtjLt8GsdFcwLOj9IZGTj+yZ69dB/G9ePiB9X9:NcukSStjLt8Lv/qaO9ePiV

Score

7^/10

antivm linux

Malware Config

Targets

- Target
  
  cevents.exe
- Size
  
  8.1MB
- MD5
  
  951c95b7aefb23b3970ed13aa8d1a301
- SHA1
  
  75b9924955e775e53ebae22466fa0554be0488ea
- SHA256
  
  3d4dd39b2e43fa5723c7f58622e0af5a4abac55d227e6c3063d58a73d46d2949
- SHA512
  
  16583e7eafd1a4dc1b5a786972c7cdda86aeb959f96dc9c40f59e6c6e3d15f0d8596172daa0d0fb8b6922f2392d4d3d11e14005c32d74d98c096a4faaa73c342
- SSDEEP
  
  98304:NhJgRMkSKX2N5yWurtjLt8GsdFcwLOj9IZGTj+yZ69dB/G9ePiB9X9:NcukSStjLt8Lv/qaO9ePiV
Score

7^/10

antivm
- Changes its process name
- Checks CPU configuration
  Checks CPU information which indicate if the system is a virtual machine.
  antivm
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1