31203cf62b6dc29207b1d1a8133f68e3ce0629702f2287e14729cf219a124ffb | Triage

Sharing

General

Target

31203cf62b6dc29207b1d1a8133f68e3ce0629702f2287e14729cf219a124ffb
Size

829KB
Sample

221126-e5dy6sca63
MD5

b1c54ffa61439b1f778aa0492e0499c8
SHA1

74438cc73c2d89ccef04ef3e508440d81c5ee2c2
SHA256

31203cf62b6dc29207b1d1a8133f68e3ce0629702f2287e14729cf219a124ffb
SHA512

0de129e18eb77c258dc4f9e1f8e1091f9c5fde8df0d7f0921f76283959ab935e986cc9d8d9c1319a7799678f027bdc6ebae83d1012e34eb75bc5d6d5711e39eb
SSDEEP

24576:ADFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPJ:cFhwFzPBYb02y4SA5MU

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  31203cf62b6dc29207b1d1a8133f68e3ce0629702f2287e14729cf219a124ffb
- Size
  
  829KB
- MD5
  
  b1c54ffa61439b1f778aa0492e0499c8
- SHA1
  
  74438cc73c2d89ccef04ef3e508440d81c5ee2c2
- SHA256
  
  31203cf62b6dc29207b1d1a8133f68e3ce0629702f2287e14729cf219a124ffb
- SHA512
  
  0de129e18eb77c258dc4f9e1f8e1091f9c5fde8df0d7f0921f76283959ab935e986cc9d8d9c1319a7799678f027bdc6ebae83d1012e34eb75bc5d6d5711e39eb
- SSDEEP
  
  24576:ADFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPJ:cFhwFzPBYb02y4SA5MU
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2