ecad4ad76e95a4690f4f78c2ecd3bf876fbc0fa60dd7145083694fda364fab95 | Triage

Sharing

General

Target

ecad4ad76e95a4690f4f78c2ecd3bf876fbc0fa60dd7145083694fda364fab95
Size

68KB
Sample

221123-xn6a7sff24
MD5

528f52987656501f485543ea2ba07220
SHA1

ff96700d91d9d6ebb37bfb6acf3a7f9efba3b3ed
SHA256

ecad4ad76e95a4690f4f78c2ecd3bf876fbc0fa60dd7145083694fda364fab95
SHA512

3f278731f59a2f0f3173c2aa88d0e232b301559f6c6a0f40284a8f57b49bdb40aa079f5869c3e09fef3ed196ab07b3d97620a990c25ecfb6b967279c7f040aaf
SSDEEP

1536:YQ5Uw0DA+uVE+pvdxvov6kPxOAkQLgZtKIuq:Y0UcVEnxHLQ5

Score

6^/10

Malware Config

Targets

- Target
  
  ecad4ad76e95a4690f4f78c2ecd3bf876fbc0fa60dd7145083694fda364fab95
- Size
  
  68KB
- MD5
  
  528f52987656501f485543ea2ba07220
- SHA1
  
  ff96700d91d9d6ebb37bfb6acf3a7f9efba3b3ed
- SHA256
  
  ecad4ad76e95a4690f4f78c2ecd3bf876fbc0fa60dd7145083694fda364fab95
- SHA512
  
  3f278731f59a2f0f3173c2aa88d0e232b301559f6c6a0f40284a8f57b49bdb40aa079f5869c3e09fef3ed196ab07b3d97620a990c25ecfb6b967279c7f040aaf
- SSDEEP
  
  1536:YQ5Uw0DA+uVE+pvdxvov6kPxOAkQLgZtKIuq:Y0UcVEnxHLQ5
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2