12a94a5467c39a70f99d803aa90ce07e3e5023b823ab4e4fbbd198182e7b1e21 | Triage

Sharing

General

Target

072fe18ae9f8f084578572e7f6ebfbcd
Size

562KB
Sample

231229-3m8mtsggeq
MD5

072fe18ae9f8f084578572e7f6ebfbcd
SHA1

1d6dfb2891175f3e4271b9a7061116de6297847b
SHA256

12a94a5467c39a70f99d803aa90ce07e3e5023b823ab4e4fbbd198182e7b1e21
SHA512

82b108f1b54bc1ab12c8175874c395b9b3cb160514b7b9e7d0e18ca809ef66fa0725bd868ea719d00845e73f2a6b91e652b2dc6a431d506a412c1241c7a1dbf5
SSDEEP

12288:w7S9nai9Tgs0dgevhJupAqJY4NG0y5IdjpyoDTrjSS8ENTFJW9P5uh46WDzt:w7S9T9TAlhwAUG0y5oDTrjyATFJmwqtt

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  072fe18ae9f8f084578572e7f6ebfbcd
- Size
  
  562KB
- MD5
  
  072fe18ae9f8f084578572e7f6ebfbcd
- SHA1
  
  1d6dfb2891175f3e4271b9a7061116de6297847b
- SHA256
  
  12a94a5467c39a70f99d803aa90ce07e3e5023b823ab4e4fbbd198182e7b1e21
- SHA512
  
  82b108f1b54bc1ab12c8175874c395b9b3cb160514b7b9e7d0e18ca809ef66fa0725bd868ea719d00845e73f2a6b91e652b2dc6a431d506a412c1241c7a1dbf5
- SSDEEP
  
  12288:w7S9nai9Tgs0dgevhJupAqJY4NG0y5IdjpyoDTrjSS8ENTFJW9P5uh46WDzt:w7S9T9TAlhwAUG0y5oDTrjyATFJmwqtt
Score

9^/10

evasion
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2