14490327eee14fdf3839d5769f98ae39873c39533344270ee4e4f033f1544616 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fa611ed74e0df495eb005cd98a182d6
Size

566KB
Sample

231226-p1p6raedh9
MD5

6fa611ed74e0df495eb005cd98a182d6
SHA1

563846a42d5d567397d83eb7d9c7cfb27e8ad6c6
SHA256

14490327eee14fdf3839d5769f98ae39873c39533344270ee4e4f033f1544616
SHA512

b2211996975a33e82de900bcb60c7c69690fb840dc044888667a95ca3eba78c532ad63e6e10ceecf636b780c1124cdc6440f0a8ca5808937177a4314ecb1c8c6
SSDEEP

12288:87KIY9QLsDTE+n/0yrCY2ygd/55+JOUNeKU1dAe/eqtMf/rxAf3bvuO9dk:87K9/DT3/NrCYuLCOCUQe7MnravuOI

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  6fa611ed74e0df495eb005cd98a182d6
- Size
  
  566KB
- MD5
  
  6fa611ed74e0df495eb005cd98a182d6
- SHA1
  
  563846a42d5d567397d83eb7d9c7cfb27e8ad6c6
- SHA256
  
  14490327eee14fdf3839d5769f98ae39873c39533344270ee4e4f033f1544616
- SHA512
  
  b2211996975a33e82de900bcb60c7c69690fb840dc044888667a95ca3eba78c532ad63e6e10ceecf636b780c1124cdc6440f0a8ca5808937177a4314ecb1c8c6
- SSDEEP
  
  12288:87KIY9QLsDTE+n/0yrCY2ygd/55+JOUNeKU1dAe/eqtMf/rxAf3bvuO9dk:87K9/DT3/NrCYuLCOCUQe7MnravuOI
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2