ec9dd0cda4267e4dcf57d0f46fc788e838ed813b401078f8cfdd6599495fe979 | Triage

Sharing

General

Target

ec9dd0cda4267e4dcf57d0f46fc788e838ed813b401078f8cfdd6599495fe979
Size

60KB
Sample

221121-smflyaae4v
MD5

39b8566903ebf2342f49b729a53f29c6
SHA1

8d4dc85eecb669f4d384106191faf66d754d75e3
SHA256

ec9dd0cda4267e4dcf57d0f46fc788e838ed813b401078f8cfdd6599495fe979
SHA512

db7448351f6deb82e5aba9cbfbe23085bd3f3ff9d779c62804b58a523d803924c6938d96741c590b11c05e584f1c7a87041bbb8c37acb1bfa4897c9e1d96c315
SSDEEP

768:Tnm/Nmd07jsQ+1fwYpnRCUhiy11aPvlKZRWYwf5kBOy3IvZTHzOwK2wtE:TmA0KVI5yraXP5koy3gZLawJsE

Score

6^/10

Malware Config

Targets

- Target
  
  ec9dd0cda4267e4dcf57d0f46fc788e838ed813b401078f8cfdd6599495fe979
- Size
  
  60KB
- MD5
  
  39b8566903ebf2342f49b729a53f29c6
- SHA1
  
  8d4dc85eecb669f4d384106191faf66d754d75e3
- SHA256
  
  ec9dd0cda4267e4dcf57d0f46fc788e838ed813b401078f8cfdd6599495fe979
- SHA512
  
  db7448351f6deb82e5aba9cbfbe23085bd3f3ff9d779c62804b58a523d803924c6938d96741c590b11c05e584f1c7a87041bbb8c37acb1bfa4897c9e1d96c315
- SSDEEP
  
  768:Tnm/Nmd07jsQ+1fwYpnRCUhiy11aPvlKZRWYwf5kBOy3IvZTHzOwK2wtE:TmA0KVI5yraXP5koy3gZLawJsE
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2