88f5a64c79a36b1197837601170cffaa6196600bf3a0f78e6523b14e549d0b9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88f5a64c79a36b1197837601170cffaa6196600bf3a0f78e6523b14e549d0b9c
Size

600KB
Sample

221126-1jkeqaff88
MD5

e9f20355f98a65b023298f661d3de1cc
SHA1

f6d7444740680d3a734c52543be579bbf9f4f4e9
SHA256

88f5a64c79a36b1197837601170cffaa6196600bf3a0f78e6523b14e549d0b9c
SHA512

341e87ac8512075c86fa06717d3d33a7b5aa4da635bf5cfe357614d2b5cd564cf84d412f1bb44ea69e396e6988c2e2c4035ffac7ffd3a06d9e71528292bc938c
SSDEEP

12288:nnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3dS:npITTNcmkS0CnIjoNhatS

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  88f5a64c79a36b1197837601170cffaa6196600bf3a0f78e6523b14e549d0b9c
- Size
  
  600KB
- MD5
  
  e9f20355f98a65b023298f661d3de1cc
- SHA1
  
  f6d7444740680d3a734c52543be579bbf9f4f4e9
- SHA256
  
  88f5a64c79a36b1197837601170cffaa6196600bf3a0f78e6523b14e549d0b9c
- SHA512
  
  341e87ac8512075c86fa06717d3d33a7b5aa4da635bf5cfe357614d2b5cd564cf84d412f1bb44ea69e396e6988c2e2c4035ffac7ffd3a06d9e71528292bc938c
- SSDEEP
  
  12288:nnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3dS:npITTNcmkS0CnIjoNhatS
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2