ab90689eb6b2567c0ffcd14a94e1c289cd8ed6df5a711eed9cefe2541b71d2c5 | Triage

Sharing

General

Target

ab90689eb6b2567c0ffcd14a94e1c289cd8ed6df5a711eed9cefe2541b71d2c5
Size

853KB
Sample

221107-kf28csgbc3
MD5

4b0b54f4d7c30a822b77161a298d423c
SHA1

e0ef21b628a8e6f0d7240a32ff03e7a41989337c
SHA256

ab90689eb6b2567c0ffcd14a94e1c289cd8ed6df5a711eed9cefe2541b71d2c5
SHA512

041e4e88266e1758fa78e97e3e1c3d24f9cbc2a0a0df703e0ca22589f02fef3b7ca4b874c05e94b040e414dbb7081885c09e73018c786a8551318b10aab750f4
SSDEEP

24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8

Score

7^/10

Malware Config

Targets

- Target
  
  ab90689eb6b2567c0ffcd14a94e1c289cd8ed6df5a711eed9cefe2541b71d2c5
- Size
  
  853KB
- MD5
  
  4b0b54f4d7c30a822b77161a298d423c
- SHA1
  
  e0ef21b628a8e6f0d7240a32ff03e7a41989337c
- SHA256
  
  ab90689eb6b2567c0ffcd14a94e1c289cd8ed6df5a711eed9cefe2541b71d2c5
- SHA512
  
  041e4e88266e1758fa78e97e3e1c3d24f9cbc2a0a0df703e0ca22589f02fef3b7ca4b874c05e94b040e414dbb7081885c09e73018c786a8551318b10aab750f4
- SSDEEP
  
  24576:1Yq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv:mqaxyDC2JmSoPvikO8
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2