448b4c6c30026bf1ca952efab526a9db6707eeb7c876c41036963cd7e4c92e4a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

448b4c6c30026bf1ca952efab526a9db6707eeb7c876c41036963cd7e4c92e4a
Size

1.2MB
Sample

221126-3rpqhsha9x
MD5

1e961516c637706c37879369705cc663
SHA1

8fa2d9296b33a6186a73f6b538b4f6fc07dca965
SHA256

448b4c6c30026bf1ca952efab526a9db6707eeb7c876c41036963cd7e4c92e4a
SHA512

74524f50a5c15ce9844246218e4b2e36a6420a9116a3c953b266abf5f41f223722c75a30b6fa5bae063ec743df7969018f07c75c4d254ef6cb63fa1caff1378e
SSDEEP

12288:sFClyikG4TObKTKd89j65AAyHQcwffFh0C8LqFtl2cvnGNPep/nEL3OJn8n667ki:9n4TOOA89m5tyHFLw2c/hp/njJV6sZnG

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  448b4c6c30026bf1ca952efab526a9db6707eeb7c876c41036963cd7e4c92e4a
- Size
  
  1.2MB
- MD5
  
  1e961516c637706c37879369705cc663
- SHA1
  
  8fa2d9296b33a6186a73f6b538b4f6fc07dca965
- SHA256
  
  448b4c6c30026bf1ca952efab526a9db6707eeb7c876c41036963cd7e4c92e4a
- SHA512
  
  74524f50a5c15ce9844246218e4b2e36a6420a9116a3c953b266abf5f41f223722c75a30b6fa5bae063ec743df7969018f07c75c4d254ef6cb63fa1caff1378e
- SSDEEP
  
  12288:sFClyikG4TObKTKd89j65AAyHQcwffFh0C8LqFtl2cvnGNPep/nEL3OJn8n667ki:9n4TOOA89m5tyHFLw2c/hp/njJV6sZnG
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2