81b1519c961f3a755458d17700ad673a23b5ad9fb6eaf6b150a320921d9cb587 | Triage

Sharing

General

Target

81b1519c961f3a755458d17700ad673a23b5ad9fb6eaf6b150a320921d9cb587
Size

3.7MB
Sample

241031-j4x3wavdpm
MD5

f03d5f46a5ddc0f5566e9ef986ea73d3
SHA1

0ab62819a6c50d062fa3eab6b31c4891198ef070
SHA256

81b1519c961f3a755458d17700ad673a23b5ad9fb6eaf6b150a320921d9cb587
SHA512

e4925d7a944f0f2397e5cc7d507cad937700a8abde8be668834492df455c5b63799ad5e3a94518b8b82d49fc2c3a0576e0971dd9d54ddd28178b3c448d53df45
SSDEEP

49152:Z5DNHI/59uMDwiMdQycjd25mPmRF2gGenHd/cb4mm30bCV7uUKTT8heQpwTI+8x6:hB9tR2en9/h8bV2wk+IC

Score

7^/10

discovery evasion

Malware Config

Targets

- Target
  
  81b1519c961f3a755458d17700ad673a23b5ad9fb6eaf6b150a320921d9cb587
- Size
  
  3.7MB
- MD5
  
  f03d5f46a5ddc0f5566e9ef986ea73d3
- SHA1
  
  0ab62819a6c50d062fa3eab6b31c4891198ef070
- SHA256
  
  81b1519c961f3a755458d17700ad673a23b5ad9fb6eaf6b150a320921d9cb587
- SHA512
  
  e4925d7a944f0f2397e5cc7d507cad937700a8abde8be668834492df455c5b63799ad5e3a94518b8b82d49fc2c3a0576e0971dd9d54ddd28178b3c448d53df45
- SSDEEP
  
  49152:Z5DNHI/59uMDwiMdQycjd25mPmRF2gGenHd/cb4mm30bCV7uUKTT8heQpwTI+8x6:hB9tR2en9/h8bV2wk+IC
Score

7^/10

discovery evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion