6757ce9042fd2d26d82080dc668f692c493189393f9dbdf145b7a64d7b9594d1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6757ce9042fd2d26d82080dc668f692c493189393f9dbdf145b7a64d7b9594d1
Size

1.2MB
Sample

221126-2bjznahh26
MD5

2aa9fc54568df7b11df0b7f11e899330
SHA1

a1d10b717d3c831ff1a1f404ec8749e8a52ab23b
SHA256

6757ce9042fd2d26d82080dc668f692c493189393f9dbdf145b7a64d7b9594d1
SHA512

788464709ea18a8465b0ce664b343ea655a78bc68c1c55a2010b7744a408f10ed7d4f7f3e0432b5bc081ffcb948b25dfa01e7de0ff8e1d72c4f6570ec281a232
SSDEEP

12288:tFClyikG4TObKTKd89j65AAyHQcwffFh0C8LqFtl2cvnGNPep/nEL3OJn8n667k5:Gn4TOOA89m5tyHFLw2c/hp/njJV6sZn

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6757ce9042fd2d26d82080dc668f692c493189393f9dbdf145b7a64d7b9594d1
- Size
  
  1.2MB
- MD5
  
  2aa9fc54568df7b11df0b7f11e899330
- SHA1
  
  a1d10b717d3c831ff1a1f404ec8749e8a52ab23b
- SHA256
  
  6757ce9042fd2d26d82080dc668f692c493189393f9dbdf145b7a64d7b9594d1
- SHA512
  
  788464709ea18a8465b0ce664b343ea655a78bc68c1c55a2010b7744a408f10ed7d4f7f3e0432b5bc081ffcb948b25dfa01e7de0ff8e1d72c4f6570ec281a232
- SSDEEP
  
  12288:tFClyikG4TObKTKd89j65AAyHQcwffFh0C8LqFtl2cvnGNPep/nEL3OJn8n667k5:Gn4TOOA89m5tyHFLw2c/hp/njJV6sZn
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2