f892bbfe87e1280c0848ecb11a93defc299a652681b93f8bd7f4f57a4bd9f448 | Triage

Sharing

General

Target

f892bbfe87e1280c0848ecb11a93defc299a652681b93f8bd7f4f57a4bd9f448
Size

64KB
Sample

221020-f33eesfgam
MD5

801fb08f4109a77dbb9c4a44ab070b30
SHA1

7551dfe2a1a868ee8fdda4de342f1ee2f6bc621e
SHA256

f892bbfe87e1280c0848ecb11a93defc299a652681b93f8bd7f4f57a4bd9f448
SHA512

cf649bd67955a4153d2815ab183f698499331bde4ef2623329f5e1ec893f8056e5ed499964da3df6cc3f415dc3de5db82968ead84a47549b8f9345146ef21e1a
SSDEEP

1536:taz67bjh60wx9UaVt95ycyLnZSYNZXf6hHoFZa:esjMVt95ycyLnZSYNZXf6hHN

Score

6^/10

Malware Config

Targets

- Target
  
  f892bbfe87e1280c0848ecb11a93defc299a652681b93f8bd7f4f57a4bd9f448
- Size
  
  64KB
- MD5
  
  801fb08f4109a77dbb9c4a44ab070b30
- SHA1
  
  7551dfe2a1a868ee8fdda4de342f1ee2f6bc621e
- SHA256
  
  f892bbfe87e1280c0848ecb11a93defc299a652681b93f8bd7f4f57a4bd9f448
- SHA512
  
  cf649bd67955a4153d2815ab183f698499331bde4ef2623329f5e1ec893f8056e5ed499964da3df6cc3f415dc3de5db82968ead84a47549b8f9345146ef21e1a
- SSDEEP
  
  1536:taz67bjh60wx9UaVt95ycyLnZSYNZXf6hHoFZa:esjMVt95ycyLnZSYNZXf6hHN
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2