73dc1e764c00b89cc21abb1fb0147b88ffa40c9bf4651064c52a3cde189a343a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

xtool.exe
Size

3.6MB
Sample

240428-lc826sce83
MD5

4b53de56306a5acc377d2d183b857cf8
SHA1

31b1588b02888c0555bcf281c3e013bdc231e756
SHA256

73dc1e764c00b89cc21abb1fb0147b88ffa40c9bf4651064c52a3cde189a343a
SHA512

d034bd899ec66981d5304bf9fe8580a2df4b7f6aad5e0419802fef13509f1a67c520cc8c89a03247fa600db4488dded3afe07a2847db3d71d2cf8ad35066c949
SSDEEP

49152:bl3g5fYO3k+NxkVlmAxoOigcrfiF0tdYgWOxtNebO6hLpQPeVfj1gWFqkkpGWmKr:bSbn0l0H3g

Score

7^/10

Malware Config

Targets

- Target
  
  xtool.exe
- Size
  
  3.6MB
- MD5
  
  4b53de56306a5acc377d2d183b857cf8
- SHA1
  
  31b1588b02888c0555bcf281c3e013bdc231e756
- SHA256
  
  73dc1e764c00b89cc21abb1fb0147b88ffa40c9bf4651064c52a3cde189a343a
- SHA512
  
  d034bd899ec66981d5304bf9fe8580a2df4b7f6aad5e0419802fef13509f1a67c520cc8c89a03247fa600db4488dded3afe07a2847db3d71d2cf8ad35066c949
- SSDEEP
  
  49152:bl3g5fYO3k+NxkVlmAxoOigcrfiF0tdYgWOxtNebO6hLpQPeVfj1gWFqkkpGWmKr:bSbn0l0H3g
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2