8e94939e0cb64ed4903f74789210127192f572f575d3e4724cddb6f1a7ee9be0 | Triage

Sharing

General

Target

8e94939e0cb64ed4903f74789210127192f572f575d3e4724cddb6f1a7ee9be0
Size

52KB
Sample

221106-s7s3rscacj
MD5

03efc3aa4e6f7fabe075ce2772fecf98
SHA1

2a33da7c27d6256fb1259242f076df60aab366d2
SHA256

8e94939e0cb64ed4903f74789210127192f572f575d3e4724cddb6f1a7ee9be0
SHA512

fb3e859447498824617d928be64d2faaa331cc7e3a0acf9d33764f84bb1bf0321f4f978f1df62fc4c0bf7f4e6f967af502808f42b83b12fff20edfc0b50b77e8
SSDEEP

768:v+RQSYAF9A/YBCvmiB/vcUY/CSXQ6Nhirqbbm0t03:v+wAYgBwpGCV6OyF8

Score

6^/10

Malware Config

Targets

- Target
  
  8e94939e0cb64ed4903f74789210127192f572f575d3e4724cddb6f1a7ee9be0
- Size
  
  52KB
- MD5
  
  03efc3aa4e6f7fabe075ce2772fecf98
- SHA1
  
  2a33da7c27d6256fb1259242f076df60aab366d2
- SHA256
  
  8e94939e0cb64ed4903f74789210127192f572f575d3e4724cddb6f1a7ee9be0
- SHA512
  
  fb3e859447498824617d928be64d2faaa331cc7e3a0acf9d33764f84bb1bf0321f4f978f1df62fc4c0bf7f4e6f967af502808f42b83b12fff20edfc0b50b77e8
- SSDEEP
  
  768:v+RQSYAF9A/YBCvmiB/vcUY/CSXQ6Nhirqbbm0t03:v+wAYgBwpGCV6OyF8
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2