3bdb6d767e8ef7ce6d1a80f41fe6d2717a99d6cd2ebb4814e0eb8b1cc3f0272f | Triage

Sharing

General

Target

3bdb6d767e8ef7ce6d1a80f41fe6d2717a99d6cd2ebb4814e0eb8b1cc3f0272f
Size

828KB
Sample

221126-e3a5habh62
MD5

352978436db8c8015e51c378bcc9e843
SHA1

04bc3d763528b03483d2ae751621dc55895a6185
SHA256

3bdb6d767e8ef7ce6d1a80f41fe6d2717a99d6cd2ebb4814e0eb8b1cc3f0272f
SHA512

ec90df4ad1957352e47a0d5566c44673ca614b209acc364c0acef01eacbf250d5615e2961bf7af1d203bce4d1f6369679d2cc62e538787adf1f3e400a179db2f
SSDEEP

24576:ADFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPp:cFhwFzPBYb02y4SA5MM

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3bdb6d767e8ef7ce6d1a80f41fe6d2717a99d6cd2ebb4814e0eb8b1cc3f0272f
- Size
  
  828KB
- MD5
  
  352978436db8c8015e51c378bcc9e843
- SHA1
  
  04bc3d763528b03483d2ae751621dc55895a6185
- SHA256
  
  3bdb6d767e8ef7ce6d1a80f41fe6d2717a99d6cd2ebb4814e0eb8b1cc3f0272f
- SHA512
  
  ec90df4ad1957352e47a0d5566c44673ca614b209acc364c0acef01eacbf250d5615e2961bf7af1d203bce4d1f6369679d2cc62e538787adf1f3e400a179db2f
- SSDEEP
  
  24576:ADFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPp:cFhwFzPBYb02y4SA5MM
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2