1f2ed1416194b89aecc31462587c0cbdf28b51e3c80d1ab0c827f1633a0d2ac5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1f2ed1416194b89aecc31462587c0cbdf28b51e3c80d1ab0c827f1633a0d2ac5
Size

1.1MB
Sample

221126-1jm6lsba6s
MD5

826a4aac8871ca78027a0b2441e6c109
SHA1

dd64b5c01ca9f04bf1999a1e7730555f75838868
SHA256

1f2ed1416194b89aecc31462587c0cbdf28b51e3c80d1ab0c827f1633a0d2ac5
SHA512

fc497ac8c6a7a30a61159a9ff3f06be050df7b2400c543f648c4dde6770896de1c316fc3091b68848bc47283dcf0b3c70a0b66f86d61e3a0779c5e5343cb9777
SSDEEP

24576:z8vLvb1yMby1E51gyoMD/9+rSOPTW8prI:zWtbKELB6rhW8hI

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  1f2ed1416194b89aecc31462587c0cbdf28b51e3c80d1ab0c827f1633a0d2ac5
- Size
  
  1.1MB
- MD5
  
  826a4aac8871ca78027a0b2441e6c109
- SHA1
  
  dd64b5c01ca9f04bf1999a1e7730555f75838868
- SHA256
  
  1f2ed1416194b89aecc31462587c0cbdf28b51e3c80d1ab0c827f1633a0d2ac5
- SHA512
  
  fc497ac8c6a7a30a61159a9ff3f06be050df7b2400c543f648c4dde6770896de1c316fc3091b68848bc47283dcf0b3c70a0b66f86d61e3a0779c5e5343cb9777
- SSDEEP
  
  24576:z8vLvb1yMby1E51gyoMD/9+rSOPTW8prI:zWtbKELB6rhW8hI
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2