General
Target: VC_Redist.86x.exe
Size: 76.4MB
Sample: 240419-cmtkssdh37
MD5: 09053225a1959b6db8d9e9616919b30b
SHA1: f616e3d14c6ace7b3f9131d569496cebdabd0110
SHA256: 900faaa33f20c6f018e74416f226362b3f9d0a8a869255d488c61d059560943c
SHA512: 2b812a02c96d5f9dd66fb42bde4a62f027ceb7db59c844a5d2393e9789068eb965e4cdc60a7d37623e94fe8ffddf7946b8301d72b65da115fe45bdf755ec1963
SSDEEP: 1572864:yviEZjFWWSk8IpG7V+VPhqYdfME7mjx6iYweyJulZUdgu0WVhjP311qZ9U3:yvZZAWSkB05awcfQtnpuK0cd09U
Behavioral task: behavioral1
Sample: VC_Redist.86x.exe
Resource: win10-20240404-de
Malware Config
Targets
Target: VC_Redist.86x.exe
Score: 9/10
Enumerates VirtualBox DLL files
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Legitimate hosting services abused for malware hosting/C2
MITRE ATT&CK Matrix (ATT&CK v13)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Registry Run Keys / Startup Folder (1)
Defense Evasion
Virtualization/Sandbox Evasion (1)
Hide Artifacts (2)
Hidden Files and Directories (2)
Modify Registry (2)