General
Target: LisectAVT_2403002A_207.exe
Size: 5.4MB
Sample: 240724-3v7qhavcqq
MD5: af0196851c9279e5260a065bb8f0303a
SHA1: 9fc63107b27e24184e0b28a717639f6ba590ac3e
SHA256: 78e428ffa6d4bbcd4306de8f487d58316193cf7e6f56fca39e32859c2920b782
SHA512: 211106407975ae5b7fef0cb6ee94137308e01bd6036243730a99f89f5b94c65ef3a90b57b3ea6f7d86b1ebf15220197e971b11666f7b97c742c4d985bf9dac3b
SSDEEP: 98304:tNe3owTB0iX3gFtwFmvS/1wPVeBEecJkUv6LzS3vv3jirr3jjWiTaOvifviOr8IG:tU3owTB9X3atwFk1VeBEeEkTbI0nctaP
Behavioral task: behavioral1
Sample: LisectAVT_2403002A_207.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: LisectAVT_2403002A_207.exe
Resource: win10v2004-20240709-en
Malware Config
Targets
Target: LisectAVT_2403002A_207.exe
Score: 10/10

- Detects HijackLoader (aka IDAT Loader)
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Suspicious use of SetThreadContext
MITRE ATT&CK Enterprise v15
Defense Evasion
- Modify Registry (1)
- Subvert Trust Controls (1)
- Install Root Certificate (1)
- Virtualization/Sandbox Evasion (1)