b7b24ad523e021b74371b78fa96ae73ef88735557d08f43af4359916ea815d7d | Triage

Sharing

General

Target

b7b24ad523e021b74371b78fa96ae73ef88735557d08f43af4359916ea815d7d
Size

92KB
Sample

221002-3dvplsfbd3
MD5

01fb8715d82295206166581fb6d3828e
SHA1

a381261ee2e26acb4775dd642156650f18a90e82
SHA256

b7b24ad523e021b74371b78fa96ae73ef88735557d08f43af4359916ea815d7d
SHA512

6cd8c433e8331d4c04779a12ceebc76a45890d2bc1d253e53ca8d2269254877c041cc3bf2c42dc0076b365981142a266a993effa43d4ced015c2ca7f542a6f80
SSDEEP

768:PakbBiezcbBua6/JMpdkn/M+SGn3YBvZQTRq+WAYwWz8sj24CQcmdbESu9PDRC:ykZSBunJMpdkQG3YBh7RwWzj24YSuDC

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  b7b24ad523e021b74371b78fa96ae73ef88735557d08f43af4359916ea815d7d
- Size
  
  92KB
- MD5
  
  01fb8715d82295206166581fb6d3828e
- SHA1
  
  a381261ee2e26acb4775dd642156650f18a90e82
- SHA256
  
  b7b24ad523e021b74371b78fa96ae73ef88735557d08f43af4359916ea815d7d
- SHA512
  
  6cd8c433e8331d4c04779a12ceebc76a45890d2bc1d253e53ca8d2269254877c041cc3bf2c42dc0076b365981142a266a993effa43d4ced015c2ca7f542a6f80
- SSDEEP
  
  768:PakbBiezcbBua6/JMpdkn/M+SGn3YBvZQTRq+WAYwWz8sj24CQcmdbESu9PDRC:ykZSBunJMpdkQG3YBh7RwWzj24YSuDC
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2