ba4fcfd3df1a3ae8201b5dbfaf9c9d725e7d31ffff35e1a0d50b22f5be2fe626 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ba4fcfd3df1a3ae8201b5dbfaf9c9d725e7d31ffff35e1a0d50b22f5be2fe626
Size

268KB
Sample

221124-atkv5afc67
MD5

36f02627ee715c9702f3f805c812a6b0
SHA1

4c14dd22888a1696bca4477cbfa5e259f36783ee
SHA256

ba4fcfd3df1a3ae8201b5dbfaf9c9d725e7d31ffff35e1a0d50b22f5be2fe626
SHA512

51f6deaa1083528fc1e6eaaf7164ca813a86872b019bae9e679daa42ba62935b82b76c14fa7d926ed2dad5d94d0c6228fa27389c35b323dc91fb612883ef24f5
SSDEEP

1536:HyD+ZGicBzyRWfeH7Ddzvjij6uPK8weLjAEoH1SnR0L+D8HhkhGoEdB203nM6Oyh:SDacBBfeH7s6uPwSR0Lo8+oldA03z5h

Score

6^/10

Malware Config

Targets

- Target
  
  ba4fcfd3df1a3ae8201b5dbfaf9c9d725e7d31ffff35e1a0d50b22f5be2fe626
- Size
  
  268KB
- MD5
  
  36f02627ee715c9702f3f805c812a6b0
- SHA1
  
  4c14dd22888a1696bca4477cbfa5e259f36783ee
- SHA256
  
  ba4fcfd3df1a3ae8201b5dbfaf9c9d725e7d31ffff35e1a0d50b22f5be2fe626
- SHA512
  
  51f6deaa1083528fc1e6eaaf7164ca813a86872b019bae9e679daa42ba62935b82b76c14fa7d926ed2dad5d94d0c6228fa27389c35b323dc91fb612883ef24f5
- SSDEEP
  
  1536:HyD+ZGicBzyRWfeH7Ddzvjij6uPK8weLjAEoH1SnR0L+D8HhkhGoEdB203nM6Oyh:SDacBBfeH7s6uPwSR0Lo8+oldA03z5h
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2