c4893d5fe7fbb40bc7d7e8ccda671140ccabdc7dc844ffe8d1d0374886c47643 | Triage

Sharing

General

Target

c4893d5fe7fbb40bc7d7e8ccda671140ccabdc7dc844ffe8d1d0374886c47643
Size

100KB
Sample

221014-l9c11aagc4
MD5

7547e8dc5f3bed6288a9995eb0bb3f82
SHA1

8d9979b81bfd3a92c854cbf4c62b1bef5ad0fbd4
SHA256

c4893d5fe7fbb40bc7d7e8ccda671140ccabdc7dc844ffe8d1d0374886c47643
SHA512

1a159878539879025be276d5b2f31f39217d81ad65ce017dbd3a89424f45b5fe425c8b770d9f19b5bde8816af258c9974858ae45c9170dfdc43f05b518b19ac4
SSDEEP

1536:1GSa+NLXPUYJD2WtF2RdOj9MSpxoXapzff7++c8FC5yfXdl3dJ5:1GNZYhniw9MSUapzfC+DFC5yfX/9

Score

6^/10

Malware Config

Targets

- Target
  
  c4893d5fe7fbb40bc7d7e8ccda671140ccabdc7dc844ffe8d1d0374886c47643
- Size
  
  100KB
- MD5
  
  7547e8dc5f3bed6288a9995eb0bb3f82
- SHA1
  
  8d9979b81bfd3a92c854cbf4c62b1bef5ad0fbd4
- SHA256
  
  c4893d5fe7fbb40bc7d7e8ccda671140ccabdc7dc844ffe8d1d0374886c47643
- SHA512
  
  1a159878539879025be276d5b2f31f39217d81ad65ce017dbd3a89424f45b5fe425c8b770d9f19b5bde8816af258c9974858ae45c9170dfdc43f05b518b19ac4
- SSDEEP
  
  1536:1GSa+NLXPUYJD2WtF2RdOj9MSpxoXapzff7++c8FC5yfXdl3dJ5:1GNZYhniw9MSUapzfC+DFC5yfX/9
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2