24e304c047a528d3ea46a55165e4133f40e6e6bce33830a465dc8e7f82dc9303 | Triage

Sharing

General

Target

232703ff8b0d0ffa5b02a4fd1a9627b5
Size

525KB
Sample

231225-q5hg5seha9
MD5

232703ff8b0d0ffa5b02a4fd1a9627b5
SHA1

f4791d0d1ca41eaac91064822804df7e16e8b076
SHA256

24e304c047a528d3ea46a55165e4133f40e6e6bce33830a465dc8e7f82dc9303
SHA512

39ece7ac9b58afb419bdd72fdf2f6e6c2d10d667868c7352ba391e92215fd33e3c7561396ea76e61525aa1681cb0f991d81e04696cb36ce47cf8d022bdf0c0fb
SSDEEP

12288:Jumluf6qAJ89A1OohumlBm8VxzSS6/42hc4X5:JumlPh1jumjzxzAq4X5

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  232703ff8b0d0ffa5b02a4fd1a9627b5
- Size
  
  525KB
- MD5
  
  232703ff8b0d0ffa5b02a4fd1a9627b5
- SHA1
  
  f4791d0d1ca41eaac91064822804df7e16e8b076
- SHA256
  
  24e304c047a528d3ea46a55165e4133f40e6e6bce33830a465dc8e7f82dc9303
- SHA512
  
  39ece7ac9b58afb419bdd72fdf2f6e6c2d10d667868c7352ba391e92215fd33e3c7561396ea76e61525aa1681cb0f991d81e04696cb36ce47cf8d022bdf0c0fb
- SSDEEP
  
  12288:Jumluf6qAJ89A1OohumlBm8VxzSS6/42hc4X5:JumlPh1jumjzxzAq4X5
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2