0dd902491591dedfa81e9b09d7fb307b88c3fd9fdb9d778bbd40140304089f61 | Triage

Sharing

General

Target

0dd902491591dedfa81e9b09d7fb307b88c3fd9fdb9d778bbd40140304089f61
Size

37KB
Sample

221003-1fxkwageen
MD5

43461d30cd9a99ad1ee0b48619785a6f
SHA1

0751c6f8b0013a04484c868d208fe574f7f975a7
SHA256

0dd902491591dedfa81e9b09d7fb307b88c3fd9fdb9d778bbd40140304089f61
SHA512

5d9fb701f9437f042e57761055b109e3605001076bda767e2f64a4dd768767fd74a109c85391556476a811dccb1cd294fe78b0ed8f90d01ac20f53a77b9280fd
SSDEEP

768:hPG/2phSKWBqOret1WvfRItaGkCoeMtcng1aR2VYHc:NG/eWBqOabKpWaGkCstCc

Score

6^/10

Malware Config

Targets

- Target
  
  0dd902491591dedfa81e9b09d7fb307b88c3fd9fdb9d778bbd40140304089f61
- Size
  
  37KB
- MD5
  
  43461d30cd9a99ad1ee0b48619785a6f
- SHA1
  
  0751c6f8b0013a04484c868d208fe574f7f975a7
- SHA256
  
  0dd902491591dedfa81e9b09d7fb307b88c3fd9fdb9d778bbd40140304089f61
- SHA512
  
  5d9fb701f9437f042e57761055b109e3605001076bda767e2f64a4dd768767fd74a109c85391556476a811dccb1cd294fe78b0ed8f90d01ac20f53a77b9280fd
- SSDEEP
  
  768:hPG/2phSKWBqOret1WvfRItaGkCoeMtcng1aR2VYHc:NG/eWBqOabKpWaGkCstCc
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2