111bfe98f3c03bb503de2b0b37eada4ac55d67f2eece7a670495aa9847bdd9f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Advanced.exe
Size

18.9MB
Sample

240520-saf2yafc6z
MD5

74e064e383a487b6c0f9b4ff0e6c2b07
SHA1

e034e4005041f15e79644b0e5603d898332e9d72
SHA256

111bfe98f3c03bb503de2b0b37eada4ac55d67f2eece7a670495aa9847bdd9f4
SHA512

26041fca45e5d8ad47cc55850da4b307ba29116f858d8ee0e002d51bc9cd3a44a24dca491580b3d3eb6f90b645d2eeea0f68c56bc35a7a41cd43aa72a24a6f6a
SSDEEP

393216:gRk1WLJXjaZZM5AAvChy8zteigvvFFhKMhjpDHrp4biPj4G8KGVdcQJk1:gRxVjSZ9AYyFFhKgr6biPjCKIdvJk1

Score

8^/10

evasion

Malware Config

Targets

- Target
  
  Advanced.exe
- Size
  
  18.9MB
- MD5
  
  74e064e383a487b6c0f9b4ff0e6c2b07
- SHA1
  
  e034e4005041f15e79644b0e5603d898332e9d72
- SHA256
  
  111bfe98f3c03bb503de2b0b37eada4ac55d67f2eece7a670495aa9847bdd9f4
- SHA512
  
  26041fca45e5d8ad47cc55850da4b307ba29116f858d8ee0e002d51bc9cd3a44a24dca491580b3d3eb6f90b645d2eeea0f68c56bc35a7a41cd43aa72a24a6f6a
- SSDEEP
  
  393216:gRk1WLJXjaZZM5AAvChy8zteigvvFFhKMhjpDHrp4biPj4G8KGVdcQJk1:gRxVjSZ9AYyFFhKgr6biPjCKIdvJk1
Score

8^/10

evasion
- Looks for VMWare Tools registry key
  evasion
- Deletes itself
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1