eca1b454d842a74d299a98321211ce31a58e45446bb6a050ead0d0a29485a755 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eca1b454d842a74d299a98321211ce31a58e45446bb6a050ead0d0a29485a755
Size

828KB
Sample

221125-w28staeg27
MD5

cf8446b6f840563040706ca166cfb265
SHA1

d237ffd04fa6a48ff1e9f484838e0cbedb32f6c5
SHA256

eca1b454d842a74d299a98321211ce31a58e45446bb6a050ead0d0a29485a755
SHA512

15533bdf65427398b02bffa0c23e97511989e88cfb36d7b2ac946089954d79df8108007ceaea84a75c7877c051c6600d886be80d87dd95bfe64fbabd6b104750
SSDEEP

24576:ADFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwP7:cFhwFzPBYb02y4SA5My

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  eca1b454d842a74d299a98321211ce31a58e45446bb6a050ead0d0a29485a755
- Size
  
  828KB
- MD5
  
  cf8446b6f840563040706ca166cfb265
- SHA1
  
  d237ffd04fa6a48ff1e9f484838e0cbedb32f6c5
- SHA256
  
  eca1b454d842a74d299a98321211ce31a58e45446bb6a050ead0d0a29485a755
- SHA512
  
  15533bdf65427398b02bffa0c23e97511989e88cfb36d7b2ac946089954d79df8108007ceaea84a75c7877c051c6600d886be80d87dd95bfe64fbabd6b104750
- SSDEEP
  
  24576:ADFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwP7:cFhwFzPBYb02y4SA5My
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2