f3b9f3db67989a7e48a5243ab6f7c56d0ee465034c0ff815cbab6c12833132e4 | Triage

Sharing

General

Target

f3b9f3db67989a7e48a5243ab6f7c56d0ee465034c0ff815cbab6c12833132e4
Size

119KB
Sample

221123-3y297adf34
MD5

345560b87e590b844564bb2c5697d297
SHA1

0a8f69f0fad3d6614f217464b70af6045f05c550
SHA256

f3b9f3db67989a7e48a5243ab6f7c56d0ee465034c0ff815cbab6c12833132e4
SHA512

521ddccb3fa140390049ca0f223b4452c42dd3b8ea43843d426f05731084fa9f738d66c864d233c34c05c045793d17db7fcdb59ae362c27f534cf70f46793c54
SSDEEP

1536:HgCA+jiClcbj20vqpg2c5sbMj+hyXKkaXod1e13:cAlcn2Fc5sbnEKods

Score

6^/10

Malware Config

Targets

- Target
  
  f3b9f3db67989a7e48a5243ab6f7c56d0ee465034c0ff815cbab6c12833132e4
- Size
  
  119KB
- MD5
  
  345560b87e590b844564bb2c5697d297
- SHA1
  
  0a8f69f0fad3d6614f217464b70af6045f05c550
- SHA256
  
  f3b9f3db67989a7e48a5243ab6f7c56d0ee465034c0ff815cbab6c12833132e4
- SHA512
  
  521ddccb3fa140390049ca0f223b4452c42dd3b8ea43843d426f05731084fa9f738d66c864d233c34c05c045793d17db7fcdb59ae362c27f534cf70f46793c54
- SSDEEP
  
  1536:HgCA+jiClcbj20vqpg2c5sbMj+hyXKkaXod1e13:cAlcn2Fc5sbnEKods
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2