2201413976a9b5c2222edeae4c705e132efcc136671f5787f73df9e2ccc8a135 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2201413976a9b5c2222edeae4c705e132efcc136671f5787f73df9e2ccc8a135
Size

72KB
Sample

221002-hgdkaacdc5
MD5

49cac2ec903a040fce7b140e75393111
SHA1

c12f0d09b05e27bcbcc9d3f9c99304047c55943c
SHA256

2201413976a9b5c2222edeae4c705e132efcc136671f5787f73df9e2ccc8a135
SHA512

8fe83e76d1240a78f38da7a0a0c9f30b8ecc25e2bb277da584e17b466cf9c0d3b5d4057666b975a1461a44eccdd308fe25e64fa78785dcedd38b2c89e9d0ee5c
SSDEEP

768:Jb8/NWoWxw3jl9lPTK47YO+dC0CtyHuAA98gMM6Df4uZXcoKEzONJTMGXMFLmbMo:S/NDWxwTrlO48OoCT0FJ/1OAFKbZy0

Score

6^/10

Malware Config

Targets

- Target
  
  2201413976a9b5c2222edeae4c705e132efcc136671f5787f73df9e2ccc8a135
- Size
  
  72KB
- MD5
  
  49cac2ec903a040fce7b140e75393111
- SHA1
  
  c12f0d09b05e27bcbcc9d3f9c99304047c55943c
- SHA256
  
  2201413976a9b5c2222edeae4c705e132efcc136671f5787f73df9e2ccc8a135
- SHA512
  
  8fe83e76d1240a78f38da7a0a0c9f30b8ecc25e2bb277da584e17b466cf9c0d3b5d4057666b975a1461a44eccdd308fe25e64fa78785dcedd38b2c89e9d0ee5c
- SSDEEP
  
  768:Jb8/NWoWxw3jl9lPTK47YO+dC0CtyHuAA98gMM6Df4uZXcoKEzONJTMGXMFLmbMo:S/NDWxwTrlO48OoCT0FJ/1OAFKbZy0
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2