621c51234f3f7d9a0faab21d9f42d305a4f757c3992ab74d6b71e5f21255aa3b | Triage

Submit
Reports

Overview

overview

8

Static

static

621c51234f...3b.exe

windows7-x64

8

621c51234f...3b.exe

windows10-2004-x64

8

Sharing

General

Target

621c51234f3f7d9a0faab21d9f42d305a4f757c3992ab74d6b71e5f21255aa3b
Size

931KB
Sample

221125-pr95kabh7t
MD5

bbe643be05626d2e8d074778ee2503a8
SHA1

58541d881c700ea4973dff7b8076a2c973400ce9
SHA256

621c51234f3f7d9a0faab21d9f42d305a4f757c3992ab74d6b71e5f21255aa3b
SHA512

51cb9f43ae5e40c153796660e6b8d12ee8a94e8829e5d27ff4751f8e58722a67b47360e9ed5d2e3d47b62d92e15e3ed447b09103ee11a3b46b3305cc56f3c6ce
SSDEEP

24576:C6IMwPvmB/wWq+5DUTt7FGSwmpu8nL6YKd:C6j19rut7FoU56X

Score

8^/10

upx

Static task

static1

Behavioral task

behavioral1

Sample

621c51234f3f7d9a0faab21d9f42d305a4f757c3992ab74d6b71e5f21255aa3b.exe

Resource

win7-20220812-en

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

621c51234f3f7d9a0faab21d9f42d305a4f757c3992ab74d6b71e5f21255aa3b.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  621c51234f3f7d9a0faab21d9f42d305a4f757c3992ab74d6b71e5f21255aa3b
- Size
  
  931KB
- MD5
  
  bbe643be05626d2e8d074778ee2503a8
- SHA1
  
  58541d881c700ea4973dff7b8076a2c973400ce9
- SHA256
  
  621c51234f3f7d9a0faab21d9f42d305a4f757c3992ab74d6b71e5f21255aa3b
- SHA512
  
  51cb9f43ae5e40c153796660e6b8d12ee8a94e8829e5d27ff4751f8e58722a67b47360e9ed5d2e3d47b62d92e15e3ed447b09103ee11a3b46b3305cc56f3c6ce
- SSDEEP
  
  24576:C6IMwPvmB/wWq+5DUTt7FGSwmpu8nL6YKd:C6j19rut7FoU56X
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy