8dd4bbe4d9d2a935c0f420a09989529830f814a979ff444debc8d98ce557f348 | Triage

Sharing

General

Target

8dd4bbe4d9d2a935c0f420a09989529830f814a979ff444debc8d98ce557f348
Size

119KB
Sample

221124-2cbdxagc3w
MD5

46e1676cfc354dae4ae457773d20c2b2
SHA1

6515f574701e101b7df0b6306671cb70800359eb
SHA256

8dd4bbe4d9d2a935c0f420a09989529830f814a979ff444debc8d98ce557f348
SHA512

1e04f78a01558c6f3e7d6fef718ed3da6559be7185c92f78d9e24b2b3731b2e9b974b5b1f3f0dde63e5116a155c86a60852eff53fb6c726f9cb5590c07c94489
SSDEEP

1536:TwbIdIdbNCPoWaPEnw3XW4nKyXsseoiepwQRfl16p8eZk7qjh3rmKPNRsbA5:EPNYnkG4nKyjjw0fGqeZ7jZqMNRsE5

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  8dd4bbe4d9d2a935c0f420a09989529830f814a979ff444debc8d98ce557f348
- Size
  
  119KB
- MD5
  
  46e1676cfc354dae4ae457773d20c2b2
- SHA1
  
  6515f574701e101b7df0b6306671cb70800359eb
- SHA256
  
  8dd4bbe4d9d2a935c0f420a09989529830f814a979ff444debc8d98ce557f348
- SHA512
  
  1e04f78a01558c6f3e7d6fef718ed3da6559be7185c92f78d9e24b2b3731b2e9b974b5b1f3f0dde63e5116a155c86a60852eff53fb6c726f9cb5590c07c94489
- SSDEEP
  
  1536:TwbIdIdbNCPoWaPEnw3XW4nKyXsseoiepwQRfl16p8eZk7qjh3rmKPNRsbA5:EPNYnkG4nKyjjw0fGqeZ7jZqMNRsE5
Score

7^/10

persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2