aeaa4d72f293b4bd6fd4608fea8714f09be26c558deb87fc045480e9168ab0fd | Triage

Sharing

General

Target

aeaa4d72f293b4bd6fd4608fea8714f09be26c558deb87fc045480e9168ab0fd
Size

617KB
Sample

241119-rach3s1qbr
MD5

9bb2d589a06062ac4806e58cd52c15d7
SHA1

5ce1bfab05582824a3a75151f0c79da9871a41e5
SHA256

aeaa4d72f293b4bd6fd4608fea8714f09be26c558deb87fc045480e9168ab0fd
SHA512

62e78312091112695e7e4dbb97bbaf7cfa7fc465a0b251d185a30d01147ddd45582b43ec7f590fffd0093b0a5c07b543318a4bb05c237cfe2243e0045fa4423a
SSDEEP

6144:k9/SAU/TrD0XYpkjLuQrU1463ipi2Hwp+5H4:k9KAUrrAXYpkjiS63ipi2H8+5Y

Score

7^/10

discovery evasion

Malware Config

Targets

- Target
  
  aeaa4d72f293b4bd6fd4608fea8714f09be26c558deb87fc045480e9168ab0fd
- Size
  
  617KB
- MD5
  
  9bb2d589a06062ac4806e58cd52c15d7
- SHA1
  
  5ce1bfab05582824a3a75151f0c79da9871a41e5
- SHA256
  
  aeaa4d72f293b4bd6fd4608fea8714f09be26c558deb87fc045480e9168ab0fd
- SHA512
  
  62e78312091112695e7e4dbb97bbaf7cfa7fc465a0b251d185a30d01147ddd45582b43ec7f590fffd0093b0a5c07b543318a4bb05c237cfe2243e0045fa4423a
- SSDEEP
  
  6144:k9/SAU/TrD0XYpkjLuQrU1463ipi2Hwp+5H4:k9KAUrrAXYpkjiS63ipi2H8+5Y
Score

7^/10

discovery evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion