a386f3ad8a9a96b75d4aa3ba063585df6b4df81176ae2106a6e8cfd48e654b0c | Triage

Sharing

General

Target

a386f3ad8a9a96b75d4aa3ba063585df6b4df81176ae2106a6e8cfd48e654b0c
Size

677KB
Sample

221126-1f8yxaag7x
MD5

cd4d0bf0516b9297adb80d2f0346c4fd
SHA1

36f61d28b519730108f5207908b422844c1d797b
SHA256

a386f3ad8a9a96b75d4aa3ba063585df6b4df81176ae2106a6e8cfd48e654b0c
SHA512

15630ffd8110e39ed54f8680eacea6f33f2a82c0ac6e596bf82fb19770c65ca776cd18dba7e226ce6d58996294d903eb941de7495749a4e46e5ca0bb0f396497
SSDEEP

12288:ZTvrHLcyE/l+wkSAl3RpcBZscucL/i/QcuUdvY8eS4tM2xbWQ:ZTvrHtE/ds3rckia4cBdvb4BMQ

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a386f3ad8a9a96b75d4aa3ba063585df6b4df81176ae2106a6e8cfd48e654b0c
- Size
  
  677KB
- MD5
  
  cd4d0bf0516b9297adb80d2f0346c4fd
- SHA1
  
  36f61d28b519730108f5207908b422844c1d797b
- SHA256
  
  a386f3ad8a9a96b75d4aa3ba063585df6b4df81176ae2106a6e8cfd48e654b0c
- SHA512
  
  15630ffd8110e39ed54f8680eacea6f33f2a82c0ac6e596bf82fb19770c65ca776cd18dba7e226ce6d58996294d903eb941de7495749a4e46e5ca0bb0f396497
- SSDEEP
  
  12288:ZTvrHLcyE/l+wkSAl3RpcBZscucL/i/QcuUdvY8eS4tM2xbWQ:ZTvrHtE/ds3rckia4cBdvb4BMQ
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2