c7282cf4279be403dd5e7ba6a63d2e3cb59d33686885384de3b5635b0a4c492e | Triage

Sharing

General

Target

c7282cf4279be403dd5e7ba6a63d2e3cb59d33686885384de3b5635b0a4c492e
Size

104KB
Sample

221123-vfahfsgh46
MD5

5bf6f3ec6c21e2ab6e67134f38275e4e
SHA1

c16b7849726061df7367124d5a264b86c43d996c
SHA256

c7282cf4279be403dd5e7ba6a63d2e3cb59d33686885384de3b5635b0a4c492e
SHA512

3c024722779ebbb35a8942ead69b9ede9e0b7f4d7649143710dbf65ddec96320b343e9879d5a6ca57c3e308972c5e86aa8f3690a8ddecee88f1ba8548384fb6c
SSDEEP

1536:uTkEe8rn91K+XOdkq/2kWKs0zuhos3P/UZfyeDbXck7wuw2t6rLWNp:uTkEeu1Kbky2Ph0zEos3UBygkZ2k

Score

6^/10

Malware Config

Targets

- Target
  
  c7282cf4279be403dd5e7ba6a63d2e3cb59d33686885384de3b5635b0a4c492e
- Size
  
  104KB
- MD5
  
  5bf6f3ec6c21e2ab6e67134f38275e4e
- SHA1
  
  c16b7849726061df7367124d5a264b86c43d996c
- SHA256
  
  c7282cf4279be403dd5e7ba6a63d2e3cb59d33686885384de3b5635b0a4c492e
- SHA512
  
  3c024722779ebbb35a8942ead69b9ede9e0b7f4d7649143710dbf65ddec96320b343e9879d5a6ca57c3e308972c5e86aa8f3690a8ddecee88f1ba8548384fb6c
- SSDEEP
  
  1536:uTkEe8rn91K+XOdkq/2kWKs0zuhos3P/UZfyeDbXck7wuw2t6rLWNp:uTkEeu1Kbky2Ph0zEos3UBygkZ2k
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2