ea67330f45d78a6db16b21037f49e18ae4f04e4479f638f51089b74637454183 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea67330f45d78a6db16b21037f49e18ae4f04e4479f638f51089b74637454183
Size

31KB
Sample

221011-yvdefaccc9
MD5

7bfcab7ea90e492ed6d3d535dc001550
SHA1

e638178df40e0cca4dcb3e5bfc65fdc183a03739
SHA256

ea67330f45d78a6db16b21037f49e18ae4f04e4479f638f51089b74637454183
SHA512

2ef9fbbf737edb8ce06ca1d71938684dee620ec435414b2433bdb35ddc614d6d9f7e27b06baccc3a1f41cb8882740073c42d8775bc96fa667103c1da0a29ee1b
SSDEEP

768:8tFTFEpoxpbsfYZPGkDNHoy6AcrCK2XOjly:eFTipCpbsc2yBcrCbiU

Score

6^/10

Malware Config

Targets

- Target
  
  ea67330f45d78a6db16b21037f49e18ae4f04e4479f638f51089b74637454183
- Size
  
  31KB
- MD5
  
  7bfcab7ea90e492ed6d3d535dc001550
- SHA1
  
  e638178df40e0cca4dcb3e5bfc65fdc183a03739
- SHA256
  
  ea67330f45d78a6db16b21037f49e18ae4f04e4479f638f51089b74637454183
- SHA512
  
  2ef9fbbf737edb8ce06ca1d71938684dee620ec435414b2433bdb35ddc614d6d9f7e27b06baccc3a1f41cb8882740073c42d8775bc96fa667103c1da0a29ee1b
- SSDEEP
  
  768:8tFTFEpoxpbsfYZPGkDNHoy6AcrCK2XOjly:eFTipCpbsc2yBcrCbiU
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2