137d99c10c38f42b4db7b6c94376600844bcc2a878d94a31f98982c44b3baee0 | Triage

Sharing

General

Target

137d99c10c38f42b4db7b6c94376600844bcc2a878d94a31f98982c44b3baee0
Size

122KB
Sample

221107-rka31adeaj
MD5

0433c60a249730829b9df7c66585280a
SHA1

a578a54514a0faf9f00435d153ec74ccb803f0c4
SHA256

137d99c10c38f42b4db7b6c94376600844bcc2a878d94a31f98982c44b3baee0
SHA512

cbdd16addb2c72082b7fdb713225203d6ed6640e9ff827f4f40147ea17830d436a535564536a0a2118b0f9c8d92b0a87e11976d93d9bc42f079456698d230be5
SSDEEP

3072:sufO+VTTywpp4PcShif3MKyeI7+uhmqWMGrsN4s/u:9NTywr4vif3MwY+uhfN5G

Score

8^/10

persistence

Malware Config

Targets

- Target
  
  137d99c10c38f42b4db7b6c94376600844bcc2a878d94a31f98982c44b3baee0
- Size
  
  122KB
- MD5
  
  0433c60a249730829b9df7c66585280a
- SHA1
  
  a578a54514a0faf9f00435d153ec74ccb803f0c4
- SHA256
  
  137d99c10c38f42b4db7b6c94376600844bcc2a878d94a31f98982c44b3baee0
- SHA512
  
  cbdd16addb2c72082b7fdb713225203d6ed6640e9ff827f4f40147ea17830d436a535564536a0a2118b0f9c8d92b0a87e11976d93d9bc42f079456698d230be5
- SSDEEP
  
  3072:sufO+VTTywpp4PcShif3MKyeI7+uhmqWMGrsN4s/u:9NTywr4vif3MwY+uhfN5G
Score

8^/10

persistence
- Adds policy Run key to start application
  persistence
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2