9e96468ff41f5fcb81f7a5f39d86ab8162d35262f480a2c248cb2e31e87dfeef | Triage

Sharing

General

Target

067ba288422ed06e7bbfe92d7bceb129
Size

427KB
Sample

231229-23ybcsefg5
MD5

067ba288422ed06e7bbfe92d7bceb129
SHA1

711669a6c3bb5e2daac6ea996aaba6ea26d91210
SHA256

9e96468ff41f5fcb81f7a5f39d86ab8162d35262f480a2c248cb2e31e87dfeef
SHA512

d3533d842d9dbf16ca8c1d67f8711c7edf4e24411bb61cfb5db269208f5caa78a9cf0b6a3da0607163be1503fa7ddc73a48295ad75064582d515a74f9018b5fb
SSDEEP

12288:oVpY1/9nodor6yO4vJ958ShthAT6GlUQLt66:oS/9ncx47DohlUQQ6

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  067ba288422ed06e7bbfe92d7bceb129
- Size
  
  427KB
- MD5
  
  067ba288422ed06e7bbfe92d7bceb129
- SHA1
  
  711669a6c3bb5e2daac6ea996aaba6ea26d91210
- SHA256
  
  9e96468ff41f5fcb81f7a5f39d86ab8162d35262f480a2c248cb2e31e87dfeef
- SHA512
  
  d3533d842d9dbf16ca8c1d67f8711c7edf4e24411bb61cfb5db269208f5caa78a9cf0b6a3da0607163be1503fa7ddc73a48295ad75064582d515a74f9018b5fb
- SSDEEP
  
  12288:oVpY1/9nodor6yO4vJ958ShthAT6GlUQLt66:oS/9ncx47DohlUQQ6
Score

7^/10

evasion
- Executes dropped EXE
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2