1b4cd404d1963b797003961421918ec657447397e67db22747b6b097ee906e09 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87bb61b71bcf5e1fe5ccf73250add8b1
Size

1.3MB
Sample

240201-1kw5xahafj
MD5

87bb61b71bcf5e1fe5ccf73250add8b1
SHA1

de4a5e5c4b763e6c76886f380034f477f517457e
SHA256

1b4cd404d1963b797003961421918ec657447397e67db22747b6b097ee906e09
SHA512

fc9ed81484d68b5cbe05ce4757f922645a056c2a3611d24ac83cd73ecd7a33fbca3b7638a909265bb45f2ef8c767483e5ccd4a78909d46524a9b1881f0f92d74
SSDEEP

24576:arERoWWCC9SMGFB9INygOel6UmyHVqKO6qSdZxv/usGPrVlDj5kbuMww:UPEFUYxc6UX1qBAvuVlhkSTw

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  87bb61b71bcf5e1fe5ccf73250add8b1
- Size
  
  1.3MB
- MD5
  
  87bb61b71bcf5e1fe5ccf73250add8b1
- SHA1
  
  de4a5e5c4b763e6c76886f380034f477f517457e
- SHA256
  
  1b4cd404d1963b797003961421918ec657447397e67db22747b6b097ee906e09
- SHA512
  
  fc9ed81484d68b5cbe05ce4757f922645a056c2a3611d24ac83cd73ecd7a33fbca3b7638a909265bb45f2ef8c767483e5ccd4a78909d46524a9b1881f0f92d74
- SSDEEP
  
  24576:arERoWWCC9SMGFB9INygOel6UmyHVqKO6qSdZxv/usGPrVlDj5kbuMww:UPEFUYxc6UX1qBAvuVlhkSTw
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2