68fd3c0280143111a65d87919df8ca557bf9e59bee1574fd0630f6a20e98e7a7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c96034adf8aa5368733c1512a5cb7851
Size

470KB
Sample

240314-xqhmxsee56
MD5

c96034adf8aa5368733c1512a5cb7851
SHA1

ced44d4b12c6c356fdc69ebdaeef2b7bbea6675a
SHA256

68fd3c0280143111a65d87919df8ca557bf9e59bee1574fd0630f6a20e98e7a7
SHA512

efb7c438ab3efe79f0876050f30d0c66739c4116463f7fdba2eb020ae5068ec4518521f9d8bfaf12e03ce80e7056efcb40b02137ea24b2827bb82b78165c707b
SSDEEP

12288:eyW5FagvXtPwEFAOxbU458UMKyKzR8F2IfT4l:tO4Qt1FAOdZ8tKyC8Al

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  c96034adf8aa5368733c1512a5cb7851
- Size
  
  470KB
- MD5
  
  c96034adf8aa5368733c1512a5cb7851
- SHA1
  
  ced44d4b12c6c356fdc69ebdaeef2b7bbea6675a
- SHA256
  
  68fd3c0280143111a65d87919df8ca557bf9e59bee1574fd0630f6a20e98e7a7
- SHA512
  
  efb7c438ab3efe79f0876050f30d0c66739c4116463f7fdba2eb020ae5068ec4518521f9d8bfaf12e03ce80e7056efcb40b02137ea24b2827bb82b78165c707b
- SSDEEP
  
  12288:eyW5FagvXtPwEFAOxbU458UMKyKzR8F2IfT4l:tO4Qt1FAOdZ8tKyC8Al
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2