e7ffecd00e1ee957bc7b87408297873f3001a350a863499524ce705a5295769f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e7ffecd00e1ee957bc7b87408297873f3001a350a863499524ce705a5295769f
Size

35KB
Sample

221020-bxcjlaghap
MD5

81115df1a908118886da0ca3c9f1e8b0
SHA1

edf9f4c3cc9743ee11b6061c3dd007e21165307b
SHA256

e7ffecd00e1ee957bc7b87408297873f3001a350a863499524ce705a5295769f
SHA512

72a43e3ff9e4b41d0cf1c014a14916d03b2bc66f9e2da0a0cc26873b15e63b974401993d5747faf8d9300ccbd6784c89e0522d164d556f68902d16b571af94b1
SSDEEP

384:DbIw+M81cjgmpAjaaViouxlOrIXtTBCwSGl65rPSF0RT/3jeI+NyPy6SOvO/hbEN:DbCM8qpfaVhrAZg6l6FSG/Q/6SmUhg

Score

6^/10

Malware Config

Targets

- Target
  
  e7ffecd00e1ee957bc7b87408297873f3001a350a863499524ce705a5295769f
- Size
  
  35KB
- MD5
  
  81115df1a908118886da0ca3c9f1e8b0
- SHA1
  
  edf9f4c3cc9743ee11b6061c3dd007e21165307b
- SHA256
  
  e7ffecd00e1ee957bc7b87408297873f3001a350a863499524ce705a5295769f
- SHA512
  
  72a43e3ff9e4b41d0cf1c014a14916d03b2bc66f9e2da0a0cc26873b15e63b974401993d5747faf8d9300ccbd6784c89e0522d164d556f68902d16b571af94b1
- SSDEEP
  
  384:DbIw+M81cjgmpAjaaViouxlOrIXtTBCwSGl65rPSF0RT/3jeI+NyPy6SOvO/hbEN:DbCM8qpfaVhrAZg6l6FSG/Q/6SmUhg
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2