ea146d3285167c8e5005f36ef993ac770de35f8e7d070a3342af261501955988 | Triage

Sharing

General

Target

48446e6f4bbf70897beb6aa9b9e931ea
Size

686KB
Sample

240107-g98qfshba6
MD5

48446e6f4bbf70897beb6aa9b9e931ea
SHA1

f2f54882f41f18c11267e434cd1bedd48e679a94
SHA256

ea146d3285167c8e5005f36ef993ac770de35f8e7d070a3342af261501955988
SHA512

dda31e487cd4a702f16ee41d8df3fb5541db177a0eaf7af718a1fbe7ec10c733d310ecc18d1806c5bebf490bed72695f5923db3121bc832966ecf25db217e8f4
SSDEEP

12288:jLJlYStw/w7efNBwdmb6AecPdhvjDexRKjtpt99Q3jgffYjvO0Xgof:jLJlH2/wqffwAbHdhvoRKnza3cffYjvp

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  48446e6f4bbf70897beb6aa9b9e931ea
- Size
  
  686KB
- MD5
  
  48446e6f4bbf70897beb6aa9b9e931ea
- SHA1
  
  f2f54882f41f18c11267e434cd1bedd48e679a94
- SHA256
  
  ea146d3285167c8e5005f36ef993ac770de35f8e7d070a3342af261501955988
- SHA512
  
  dda31e487cd4a702f16ee41d8df3fb5541db177a0eaf7af718a1fbe7ec10c733d310ecc18d1806c5bebf490bed72695f5923db3121bc832966ecf25db217e8f4
- SSDEEP
  
  12288:jLJlYStw/w7efNBwdmb6AecPdhvjDexRKjtpt99Q3jgffYjvO0Xgof:jLJlH2/wqffwAbHdhvoRKnza3cffYjvp
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2