36f987f4a0567cc9019379a0580fcdb9716acb49ba17ed760ef7e71c5831fe89 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36f987f4a0567cc9019379a0580fcdb9716acb49ba17ed760ef7e71c5831fe89
Size

31KB
Sample

221106-slqeraahen
MD5

0fd59bbf65f039da24dd438327af8090
SHA1

d789ec6e829e8a032f49c5d92264c6087eb82f3d
SHA256

36f987f4a0567cc9019379a0580fcdb9716acb49ba17ed760ef7e71c5831fe89
SHA512

10020ba3d1ed7c4ce7ce967ad35d5e06f1daf0744dc0fd67394ddb6fcf4f368a186195989f2b8a816cba8d68a87ba3ed5129d47a458be9d4db1587d67a3feb9f
SSDEEP

768:822JB+qSN51/ruhXsojxoTYugudncrCK2XOjl+:J2JLSRuhc+x+9fcrCbig

Score

6^/10

Malware Config

Targets

- Target
  
  36f987f4a0567cc9019379a0580fcdb9716acb49ba17ed760ef7e71c5831fe89
- Size
  
  31KB
- MD5
  
  0fd59bbf65f039da24dd438327af8090
- SHA1
  
  d789ec6e829e8a032f49c5d92264c6087eb82f3d
- SHA256
  
  36f987f4a0567cc9019379a0580fcdb9716acb49ba17ed760ef7e71c5831fe89
- SHA512
  
  10020ba3d1ed7c4ce7ce967ad35d5e06f1daf0744dc0fd67394ddb6fcf4f368a186195989f2b8a816cba8d68a87ba3ed5129d47a458be9d4db1587d67a3feb9f
- SSDEEP
  
  768:822JB+qSN51/ruhXsojxoTYugudncrCK2XOjl+:J2JLSRuhc+x+9fcrCbig
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2