cf14d5281ac9902ef969a0003486ee10c64eabe1425712f7e4657d7d4bad9625 | Triage

Sharing

General

Target

cf14d5281ac9902ef969a0003486ee10c64eabe1425712f7e4657d7d4bad9625
Size

826KB
Sample

241119-sf7rvayarn
MD5

7c295c0d54e1dab2f9af2d454c24ef13
SHA1

3642345330050343bc89277f8ad5477251ceabae
SHA256

cf14d5281ac9902ef969a0003486ee10c64eabe1425712f7e4657d7d4bad9625
SHA512

1da26dd7e6d7c471d3c45ea02b7fac884a0abd9b05228f22ba80401c5e749279e2c6e6f4f20a213ba95d2d97e779943e5e7842da551c415190d911965fae43b4
SSDEEP

6144:+yyHW8kkA6WTIQ0fhiZ0bpEuozW/Kb35gnFR7bsOAJbAuZvPEc3LXHB:+pG6HQozb9IW/Kb35gnn7q0Mt

Score

7^/10

discovery evasion

Malware Config

Targets

- Target
  
  cf14d5281ac9902ef969a0003486ee10c64eabe1425712f7e4657d7d4bad9625
- Size
  
  826KB
- MD5
  
  7c295c0d54e1dab2f9af2d454c24ef13
- SHA1
  
  3642345330050343bc89277f8ad5477251ceabae
- SHA256
  
  cf14d5281ac9902ef969a0003486ee10c64eabe1425712f7e4657d7d4bad9625
- SHA512
  
  1da26dd7e6d7c471d3c45ea02b7fac884a0abd9b05228f22ba80401c5e749279e2c6e6f4f20a213ba95d2d97e779943e5e7842da551c415190d911965fae43b4
- SSDEEP
  
  6144:+yyHW8kkA6WTIQ0fhiZ0bpEuozW/Kb35gnFR7bsOAJbAuZvPEc3LXHB:+pG6HQozb9IW/Kb35gnn7q0Mt
Score

7^/10

discovery evasion
- Identifies Wine through registry keys
  Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
  evasion
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasion

behavioral2

discoveryevasion