6a548d706f853649a27da8097be9cbf0e9d0d22a04f7e0371fb598c5fe995c03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a548d706f853649a27da8097be9cbf0e9d0d22a04f7e0371fb598c5fe995c03
Size

48KB
Sample

221121-vgkptaab77
MD5

3b7e021b568a31add9f202cf80b8b0a0
SHA1

9a3f3008af1d498b46b157e8885897659f7217bd
SHA256

6a548d706f853649a27da8097be9cbf0e9d0d22a04f7e0371fb598c5fe995c03
SHA512

cfb6b3b2863b3add80490a73117bfffc32abf961d9e6e08b3fdba6c208d504ce551a7aa792877b1b5183f3f8633521694a86feebb82fa624d508380a3c2e5c06
SSDEEP

768:rYKonlh6qoiSbEcOsaRg1hWUii82u5E6v6iNlXqlyXw:rYK46M2v1kiqNBqYA

Score

6^/10

Malware Config

Targets

- Target
  
  6a548d706f853649a27da8097be9cbf0e9d0d22a04f7e0371fb598c5fe995c03
- Size
  
  48KB
- MD5
  
  3b7e021b568a31add9f202cf80b8b0a0
- SHA1
  
  9a3f3008af1d498b46b157e8885897659f7217bd
- SHA256
  
  6a548d706f853649a27da8097be9cbf0e9d0d22a04f7e0371fb598c5fe995c03
- SHA512
  
  cfb6b3b2863b3add80490a73117bfffc32abf961d9e6e08b3fdba6c208d504ce551a7aa792877b1b5183f3f8633521694a86feebb82fa624d508380a3c2e5c06
- SSDEEP
  
  768:rYKonlh6qoiSbEcOsaRg1hWUii82u5E6v6iNlXqlyXw:rYK46M2v1kiqNBqYA
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2