df82af13cbd66d7390333ae7835f7f8e505b4266855e35ec5c536dae1c9a5c2e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df82af13cbd66d7390333ae7835f7f8e505b4266855e35ec5c536dae1c9a5c2e
Size

32KB
Sample

221028-ww31dahhc6
MD5

0ada35386eef4413855207c0ef2c7ea8
SHA1

94c0596b7939c9f514047c50a6929823accde40e
SHA256

df82af13cbd66d7390333ae7835f7f8e505b4266855e35ec5c536dae1c9a5c2e
SHA512

0e615360ead799d3b44c1b9a6e3e72e2822755c99c9ef47c29b425810c50aa75a18f4027cb821f04a09fc0180b8d17147e4595763ce2cc0a45eef612192bcbe9
SSDEEP

768:xB9BzSkfQboqGp5UW7lyGwy26gFstX9nIONEiiV:xBeMTqGaFs0

Score

6^/10

Malware Config

Targets

- Target
  
  df82af13cbd66d7390333ae7835f7f8e505b4266855e35ec5c536dae1c9a5c2e
- Size
  
  32KB
- MD5
  
  0ada35386eef4413855207c0ef2c7ea8
- SHA1
  
  94c0596b7939c9f514047c50a6929823accde40e
- SHA256
  
  df82af13cbd66d7390333ae7835f7f8e505b4266855e35ec5c536dae1c9a5c2e
- SHA512
  
  0e615360ead799d3b44c1b9a6e3e72e2822755c99c9ef47c29b425810c50aa75a18f4027cb821f04a09fc0180b8d17147e4595763ce2cc0a45eef612192bcbe9
- SSDEEP
  
  768:xB9BzSkfQboqGp5UW7lyGwy26gFstX9nIONEiiV:xBeMTqGaFs0
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2