30ffa5de48a5ae421f690811b042edfa89fbb95c1dc29348fe857767c0bfeb9e | Triage

Sharing

General

Target

30ffa5de48a5ae421f690811b042edfa89fbb95c1dc29348fe857767c0bfeb9e
Size

828KB
Sample

221126-e5geasca66
MD5

3b3bde1f26ed39b588d3d5c55a83ad51
SHA1

81a482819d77d9f5a52c03abd952438bc977f3c3
SHA256

30ffa5de48a5ae421f690811b042edfa89fbb95c1dc29348fe857767c0bfeb9e
SHA512

f9d162e77ad981cf2640c0de90a6a58a0c280dd29912a6c2978b635e4b8f33b56b0caf0e80b65e2256589d4f61a479c56cd0e02ec9cbd3144e4641f87ab200e7
SSDEEP

24576:/DFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPQ:7FhwFzPBYb02y4SA5Mt

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  30ffa5de48a5ae421f690811b042edfa89fbb95c1dc29348fe857767c0bfeb9e
- Size
  
  828KB
- MD5
  
  3b3bde1f26ed39b588d3d5c55a83ad51
- SHA1
  
  81a482819d77d9f5a52c03abd952438bc977f3c3
- SHA256
  
  30ffa5de48a5ae421f690811b042edfa89fbb95c1dc29348fe857767c0bfeb9e
- SHA512
  
  f9d162e77ad981cf2640c0de90a6a58a0c280dd29912a6c2978b635e4b8f33b56b0caf0e80b65e2256589d4f61a479c56cd0e02ec9cbd3144e4641f87ab200e7
- SSDEEP
  
  24576:/DFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPQ:7FhwFzPBYb02y4SA5Mt
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2