90830ec786320bb6b731062b213fc15fd76b426ddff7cefda051e4cb8da5ea17 | Triage

Sharing

General

Target

90830ec786320bb6b731062b213fc15fd76b426ddff7cefda051e4cb8da5ea17
Size

15.3MB
Sample

240524-fve9xseg2y
MD5

a132620d38102241b497d7438b5f582c
SHA1

e70f247ff87afcbcb740f3cb2825f3dc507bd05b
SHA256

90830ec786320bb6b731062b213fc15fd76b426ddff7cefda051e4cb8da5ea17
SHA512

577aee04c928cfd24c2d1b6e395068a952424f3013218a8fbdb4f1baeb813c7c0a6e81b8e5d08ce285b22e2ec9ac2e0c68c5daa4c6754017abf9c0998e620f4e
SSDEEP

196608:rZzrENt07+s5HLVqLyR66z5cC+uUGqJunTGKLT2A1t5kqMD+cpvJ/4H3nmghWoaw:rZVz86FBhnLXMFgXnU7sElKy

Score

9^/10

evasion

Malware Config

Targets

- Target
  
  90830ec786320bb6b731062b213fc15fd76b426ddff7cefda051e4cb8da5ea17
- Size
  
  15.3MB
- MD5
  
  a132620d38102241b497d7438b5f582c
- SHA1
  
  e70f247ff87afcbcb740f3cb2825f3dc507bd05b
- SHA256
  
  90830ec786320bb6b731062b213fc15fd76b426ddff7cefda051e4cb8da5ea17
- SHA512
  
  577aee04c928cfd24c2d1b6e395068a952424f3013218a8fbdb4f1baeb813c7c0a6e81b8e5d08ce285b22e2ec9ac2e0c68c5daa4c6754017abf9c0998e620f4e
- SSDEEP
  
  196608:rZzrENt07+s5HLVqLyR66z5cC+uUGqJunTGKLT2A1t5kqMD+cpvJ/4H3nmghWoaw:rZVz86FBhnLXMFgXnU7sElKy
Score

9^/10

evasion
- Looks for VirtualBox Guest Additions in registry
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

Virtualization/Sandbox Evasion

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

behavioral2