02a3c5856ac159467c9b767f76dbeecc6a1c928cd1a491acb91d57351a8ce1e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

NVIDIA Container.exe
Size

8.6MB
Sample

241018-e2qtkazfkj
MD5

1ff58739a19152b3c21dbe8c8bcf4f99
SHA1

9504bdf61432e656a467ce1cd913f02b638eef43
SHA256

02a3c5856ac159467c9b767f76dbeecc6a1c928cd1a491acb91d57351a8ce1e9
SHA512

7f21473334913bc2aeb06291ce2c3021a2439a2f9bb875f95944756135e566d4b1bcc6fd7563f65c7515220cc4bf2ec11d688152799cd98a5f5de638a40571bb
SSDEEP

196608:R6Qxbz+A+7JqVvD+o0hOjbupekzSQhWcceBV:R6wbzS7YVb30hYUL2GWHeBV

Score

9^/10

discovery evasion

Malware Config

Targets

- Target
  
  NVIDIA Container.exe
- Size
  
  8.6MB
- MD5
  
  1ff58739a19152b3c21dbe8c8bcf4f99
- SHA1
  
  9504bdf61432e656a467ce1cd913f02b638eef43
- SHA256
  
  02a3c5856ac159467c9b767f76dbeecc6a1c928cd1a491acb91d57351a8ce1e9
- SHA512
  
  7f21473334913bc2aeb06291ce2c3021a2439a2f9bb875f95944756135e566d4b1bcc6fd7563f65c7515220cc4bf2ec11d688152799cd98a5f5de638a40571bb
- SSDEEP
  
  196608:R6Qxbz+A+7JqVvD+o0hOjbupekzSQhWcceBV:R6wbzS7YVb30hYUL2GWHeBV
Score

9^/10

discovery evasion
- Looks for VirtualBox Guest Additions in registry
  evasion
- Looks for VMWare Tools registry key
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion