311375abb70d39825ca4e9c5ce26f32c9a48c26d7db6f0cceb502eab967f914e | Triage

Sharing

General

Target

311375abb70d39825ca4e9c5ce26f32c9a48c26d7db6f0cceb502eab967f914e
Size

828KB
Sample

221126-e5ewgaca65
MD5

ad7538019ca7e2ae1a488988a675303d
SHA1

b084c9fbbc1d3595aa47b60385441e0051b6fab9
SHA256

311375abb70d39825ca4e9c5ce26f32c9a48c26d7db6f0cceb502eab967f914e
SHA512

24184223e913a1fb672dff29fcb2e67a9abb7a9d755a1f79832bc2e0e89ac9ae0fd17da6a7a0bbc4d649e66017024f4c87eef3cef3a9cf03b5cf10b72272ff72
SSDEEP

24576:WDFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPB:GFhwFzPBYb02y4SA5MU

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  311375abb70d39825ca4e9c5ce26f32c9a48c26d7db6f0cceb502eab967f914e
- Size
  
  828KB
- MD5
  
  ad7538019ca7e2ae1a488988a675303d
- SHA1
  
  b084c9fbbc1d3595aa47b60385441e0051b6fab9
- SHA256
  
  311375abb70d39825ca4e9c5ce26f32c9a48c26d7db6f0cceb502eab967f914e
- SHA512
  
  24184223e913a1fb672dff29fcb2e67a9abb7a9d755a1f79832bc2e0e89ac9ae0fd17da6a7a0bbc4d649e66017024f4c87eef3cef3a9cf03b5cf10b72272ff72
- SSDEEP
  
  24576:WDFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPB:GFhwFzPBYb02y4SA5MU
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2