71bee1b095f32083c6e133ed95561fc19738c3b8f2b16cd77026f814c74f50f4 | Triage

Sharing

General

Target

wgc.exe
Size

2.1MB
Sample

231212-hyz5lsgfdp
MD5

013725a4449430271c44a3d84405d713
SHA1

9719bd23ccdc09aa326e37ecdfa6feadc6d85bf9
SHA256

71bee1b095f32083c6e133ed95561fc19738c3b8f2b16cd77026f814c74f50f4
SHA512

d4f8802a07cd5ac6328a8db24dc5983a1beea3e3281f0b0eadde45bb730df1db83ddfe719c643b75055f20930994c024e2ce134d3a16f1377df25c776c284717
SSDEEP

49152:LyfDbnBjpDoam8uYL6K8DXHGC0LbpS9TLpy6cd5vh8zGOcf:LYPDgeOTLorf

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  wgc.exe
- Size
  
  2.1MB
- MD5
  
  013725a4449430271c44a3d84405d713
- SHA1
  
  9719bd23ccdc09aa326e37ecdfa6feadc6d85bf9
- SHA256
  
  71bee1b095f32083c6e133ed95561fc19738c3b8f2b16cd77026f814c74f50f4
- SHA512
  
  d4f8802a07cd5ac6328a8db24dc5983a1beea3e3281f0b0eadde45bb730df1db83ddfe719c643b75055f20930994c024e2ce134d3a16f1377df25c776c284717
- SSDEEP
  
  49152:LyfDbnBjpDoam8uYL6K8DXHGC0LbpS9TLpy6cd5vh8zGOcf:LYPDgeOTLorf
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2