36bbd01ef9128f5fdbf32e37eb5a652663b85e05d9e67b8684c7329ca65cecd2 | Triage

Sharing

General

Target

36bbd01ef9128f5fdbf32e37eb5a652663b85e05d9e67b8684c7329ca65cecd2
Size

828KB
Sample

221126-e4av5aca23
MD5

6b3625b1678dd6bf7196395c1d12c372
SHA1

792482dd48df683c6fb218b7d5a02d9aaeb6ede3
SHA256

36bbd01ef9128f5fdbf32e37eb5a652663b85e05d9e67b8684c7329ca65cecd2
SHA512

97eda3ebde11e5a2a78ce41585a2fc3c38130da62d2458d7ffcd13f3fba67e3cc6391ca76a5122ef823ce11b5b4d9584d5d797a38be310437a912f9cfffe88b0
SSDEEP

24576:/DFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPH:7FhwFzPBYb02y4SA5Ma

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  36bbd01ef9128f5fdbf32e37eb5a652663b85e05d9e67b8684c7329ca65cecd2
- Size
  
  828KB
- MD5
  
  6b3625b1678dd6bf7196395c1d12c372
- SHA1
  
  792482dd48df683c6fb218b7d5a02d9aaeb6ede3
- SHA256
  
  36bbd01ef9128f5fdbf32e37eb5a652663b85e05d9e67b8684c7329ca65cecd2
- SHA512
  
  97eda3ebde11e5a2a78ce41585a2fc3c38130da62d2458d7ffcd13f3fba67e3cc6391ca76a5122ef823ce11b5b4d9584d5d797a38be310437a912f9cfffe88b0
- SSDEEP
  
  24576:/DFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPH:7FhwFzPBYb02y4SA5Ma
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2