c328af6a43591f7e71d54686b75e87babd185499282c748a6766e5cfc721e305 | Triage

Sharing

General

Target

PrecisionBuildOne.exe
Size

47KB
Sample

240219-3nzrbagb25
MD5

cc0b62622f1d417079f1eee9916a9ecc
SHA1

a756c90e180a7a03558b6736689bb6db18307903
SHA256

c328af6a43591f7e71d54686b75e87babd185499282c748a6766e5cfc721e305
SHA512

204c65be35aaa4700a622290873f80195bf2a798e2fd52e5f3be6105feb1487a3af4a656d6ea3d76afa6e65378e1139964ead7bc8a2e2ce69e7eab86b1be1559
SSDEEP

768:wNSkwV6Ja7I09g+Q82jgfAUbZ6EdIfc9eDWlhzLJTtYcFwVc6K:wNSkW6aibjgflbgEdI5DAzLJDwVcl

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  PrecisionBuildOne.exe
- Size
  
  47KB
- MD5
  
  cc0b62622f1d417079f1eee9916a9ecc
- SHA1
  
  a756c90e180a7a03558b6736689bb6db18307903
- SHA256
  
  c328af6a43591f7e71d54686b75e87babd185499282c748a6766e5cfc721e305
- SHA512
  
  204c65be35aaa4700a622290873f80195bf2a798e2fd52e5f3be6105feb1487a3af4a656d6ea3d76afa6e65378e1139964ead7bc8a2e2ce69e7eab86b1be1559
- SSDEEP
  
  768:wNSkwV6Ja7I09g+Q82jgfAUbZ6EdIfc9eDWlhzLJTtYcFwVc6K:wNSkW6aibjgflbgEdI5DAzLJDwVcl
Score

9^/10

evasion
- Looks for VirtualBox Guest Additions in registry
  evasion
- Looks for VMWare Tools registry key
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1