d46daed29bdf10917f653f2f2855b2b18a5c993cc9bd51d41741a140cc20b902 | Triage

Sharing

General

Target

d46daed29bdf10917f653f2f2855b2b18a5c993cc9bd51d41741a140cc20b902
Size

316KB
Sample

240425-e9bdvafe9v
MD5

06d01255ba98297943bd55ccb9921cfa
SHA1

549d754ec31f98dc96cc07aca44ebe4b60062e1a
SHA256

d46daed29bdf10917f653f2f2855b2b18a5c993cc9bd51d41741a140cc20b902
SHA512

98b7124a0076a8db04ebbf100e1a0342773aaed757593db0ceb2e702a6359c61484dc44f87eec6ff523ceb4a6a41d694a0f1c9062dbc6a1dee3e0cd638343f9b
SSDEEP

3072:VWuLibN5+s5Nr9sHj0X+Zdn2AJqP/MZpJrPktp1WQ:VWuLibN5+s5sD0XYpkd1

Score

7^/10

evasion

Malware Config

Targets

- Target
  
  d46daed29bdf10917f653f2f2855b2b18a5c993cc9bd51d41741a140cc20b902
- Size
  
  316KB
- MD5
  
  06d01255ba98297943bd55ccb9921cfa
- SHA1
  
  549d754ec31f98dc96cc07aca44ebe4b60062e1a
- SHA256
  
  d46daed29bdf10917f653f2f2855b2b18a5c993cc9bd51d41741a140cc20b902
- SHA512
  
  98b7124a0076a8db04ebbf100e1a0342773aaed757593db0ceb2e702a6359c61484dc44f87eec6ff523ceb4a6a41d694a0f1c9062dbc6a1dee3e0cd638343f9b
- SSDEEP
  
  3072:VWuLibN5+s5Nr9sHj0X+Zdn2AJqP/MZpJrPktp1WQ:VWuLibN5+s5sD0XYpkd1
Score

7^/10

evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2