c1e63140609115ffea873a52119902ddea4b7f68f45bdb9383a1dcb10df185bf | Triage

Sharing

General

Target

c1e63140609115ffea873a52119902ddea4b7f68f45bdb9383a1dcb10df185bf
Size

59KB
Sample

221123-tfp3gaha4z
MD5

b5b45b706411325c1e8957187f010e15
SHA1

551cd3c4744d50427d06c211107c0fb3d1484ab9
SHA256

c1e63140609115ffea873a52119902ddea4b7f68f45bdb9383a1dcb10df185bf
SHA512

c2f6ae89729b3dbd2cdab005d4e5b0d21b0dd5a7c1da595c5aaf420d8e89aeb271e957abef16aa18d8f6275ebb6c1e573287b69cc168ca018349a1d4c34099bd
SSDEEP

1536:mqkLiuYe3PP0eRW1jkF6qOyF5O+NHBwxlWayS:CLTxUeRgjksqOsA5xlWaB

Score

6^/10

discovery

Malware Config

Targets

- Target
  
  c1e63140609115ffea873a52119902ddea4b7f68f45bdb9383a1dcb10df185bf
- Size
  
  59KB
- MD5
  
  b5b45b706411325c1e8957187f010e15
- SHA1
  
  551cd3c4744d50427d06c211107c0fb3d1484ab9
- SHA256
  
  c1e63140609115ffea873a52119902ddea4b7f68f45bdb9383a1dcb10df185bf
- SHA512
  
  c2f6ae89729b3dbd2cdab005d4e5b0d21b0dd5a7c1da595c5aaf420d8e89aeb271e957abef16aa18d8f6275ebb6c1e573287b69cc168ca018349a1d4c34099bd
- SSDEEP
  
  1536:mqkLiuYe3PP0eRW1jkF6qOyF5O+NHBwxlWayS:CLTxUeRgjksqOsA5xlWaB
Score

6^/10

discovery
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2