05212dfa222beb331feb3fd15b5cd724172032f53c1c38ed9d77c3af49400e13 | Triage

Sharing

General

Target

6f9a6f72480ac66f318a4f36d1af7dce
Size

512KB
Sample

231226-pz5vtaedb8
MD5

6f9a6f72480ac66f318a4f36d1af7dce
SHA1

29b00cdeb69385c36a30de25b343fe9295412f97
SHA256

05212dfa222beb331feb3fd15b5cd724172032f53c1c38ed9d77c3af49400e13
SHA512

d5c7516a0a6e194fbc5814f412a331feac5268a0f613b4c2f3b41c82e79cd53c67de0cf1f581ae9d9a59615ba20fda0fdc1a96c1b9ff1c71eaa6474af8d3e3d0
SSDEEP

12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4y:0+h9OY70z+warul3E4y

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  6f9a6f72480ac66f318a4f36d1af7dce
- Size
  
  512KB
- MD5
  
  6f9a6f72480ac66f318a4f36d1af7dce
- SHA1
  
  29b00cdeb69385c36a30de25b343fe9295412f97
- SHA256
  
  05212dfa222beb331feb3fd15b5cd724172032f53c1c38ed9d77c3af49400e13
- SHA512
  
  d5c7516a0a6e194fbc5814f412a331feac5268a0f613b4c2f3b41c82e79cd53c67de0cf1f581ae9d9a59615ba20fda0fdc1a96c1b9ff1c71eaa6474af8d3e3d0
- SSDEEP
  
  12288:0+h9St2Ma70zIIc91Dwws4zruXic2O/3E4y:0+h9OY70z+warul3E4y
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2