46f5b99cd288c2645dc72f899d61725f77f3e7a5f0e04798b73c7c4c7fe5f743 | Triage

Sharing

General

Target

46f5b99cd288c2645dc72f899d61725f77f3e7a5f0e04798b73c7c4c7fe5f743
Size

537KB
Sample

220714-j4cryaeagk
MD5

81714c3a032f06c06c7d9b61b7c4f3ad
SHA1

1beb36ad5663927fa02090448a7a8942a8f8c08f
SHA256

46f5b99cd288c2645dc72f899d61725f77f3e7a5f0e04798b73c7c4c7fe5f743
SHA512

824826999c7f56a3adfb82031e4a486c0972062799718d5d38b911fb5097796c2d78a28a150b5f898adee1e9c32768bd9a97674fd58dc20b0c29e8b4c0a101af

Score

6^/10

Malware Config

Targets

- Target
  
  46f5b99cd288c2645dc72f899d61725f77f3e7a5f0e04798b73c7c4c7fe5f743
- Size
  
  537KB
- MD5
  
  81714c3a032f06c06c7d9b61b7c4f3ad
- SHA1
  
  1beb36ad5663927fa02090448a7a8942a8f8c08f
- SHA256
  
  46f5b99cd288c2645dc72f899d61725f77f3e7a5f0e04798b73c7c4c7fe5f743
- SHA512
  
  824826999c7f56a3adfb82031e4a486c0972062799718d5d38b911fb5097796c2d78a28a150b5f898adee1e9c32768bd9a97674fd58dc20b0c29e8b4c0a101af
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2