e025910fa48113e7329a435993656dbd6186db777ac554f9e7469277e17f3f5d | Triage

Sharing

General

Target

e025910fa48113e7329a435993656dbd6186db777ac554f9e7469277e17f3f5d
Size

101KB
Sample

221124-wn94qaea7w
MD5

fafc6f295096ba82efd30c487e3da22f
SHA1

b2ec6ced1ef9ced7b24edf8248f3801fe7a10d2a
SHA256

e025910fa48113e7329a435993656dbd6186db777ac554f9e7469277e17f3f5d
SHA512

d57c9e6b26d9c8c6d97877ec14757db2ae83879ec01144f03c862f720ab31ede2634933bf8d5b24dc831643c3db9f545ad217d3f3dd7d8812f15910027edfac0
SSDEEP

1536:+3PzsBqymiNodrRppqBBRK6xkkfqXS7247HnGyd75qnnk86YSzA6Y/Y+2KARNDas:+3rsQypNoG4X147HGyV5j867KODZ

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  e025910fa48113e7329a435993656dbd6186db777ac554f9e7469277e17f3f5d
- Size
  
  101KB
- MD5
  
  fafc6f295096ba82efd30c487e3da22f
- SHA1
  
  b2ec6ced1ef9ced7b24edf8248f3801fe7a10d2a
- SHA256
  
  e025910fa48113e7329a435993656dbd6186db777ac554f9e7469277e17f3f5d
- SHA512
  
  d57c9e6b26d9c8c6d97877ec14757db2ae83879ec01144f03c862f720ab31ede2634933bf8d5b24dc831643c3db9f545ad217d3f3dd7d8812f15910027edfac0
- SSDEEP
  
  1536:+3PzsBqymiNodrRppqBBRK6xkkfqXS7247HnGyd75qnnk86YSzA6Y/Y+2KARNDas:+3rsQypNoG4X147HGyV5j867KODZ
Score

7^/10

persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2