a8f8d2cbcf99ec74101213a3ab2709f203876a9acc2c8a45c27537f79fff1bd8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8f8d2cbcf99ec74101213a3ab2709f203876a9acc2c8a45c27537f79fff1bd8
Size

64KB
Sample

221019-rmlbrabde3
MD5

9228b61664e9ee09a474fe9eaea32c10
SHA1

2f5254b11559d4fd4884537e438618ba4c215b7e
SHA256

a8f8d2cbcf99ec74101213a3ab2709f203876a9acc2c8a45c27537f79fff1bd8
SHA512

ce9f2612aaccaff7396b531951a4e2937b05bf89e6c976dbbe10b95ea096deff23839b2c6b2f75addc31da3b41b3b6e5624722ba174f84a60a24d6f505badeb0
SSDEEP

1536:t8oFgR5xQ6aVt95ycyLnZSYNZXf6hHoFZA:HFgzqZVt95ycyLnZSYNZXf6hHD

Score

6^/10

Malware Config

Targets

- Target
  
  a8f8d2cbcf99ec74101213a3ab2709f203876a9acc2c8a45c27537f79fff1bd8
- Size
  
  64KB
- MD5
  
  9228b61664e9ee09a474fe9eaea32c10
- SHA1
  
  2f5254b11559d4fd4884537e438618ba4c215b7e
- SHA256
  
  a8f8d2cbcf99ec74101213a3ab2709f203876a9acc2c8a45c27537f79fff1bd8
- SHA512
  
  ce9f2612aaccaff7396b531951a4e2937b05bf89e6c976dbbe10b95ea096deff23839b2c6b2f75addc31da3b41b3b6e5624722ba174f84a60a24d6f505badeb0
- SSDEEP
  
  1536:t8oFgR5xQ6aVt95ycyLnZSYNZXf6hHoFZA:HFgzqZVt95ycyLnZSYNZXf6hHD
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2