7656d8866d2550b992835ffbc950b9924b3c7ad84bfe91a12dc3143ef5b3e552 | Triage

Sharing

General

Target

7656d8866d2550b992835ffbc950b9924b3c7ad84bfe91a12dc3143ef5b3e552
Size

828KB
Sample

221126-epewjaec4z
MD5

316e4d5b6f76d7b83ca9774340ef284f
SHA1

49fca34bcdb6fb9ab0b1884a9c1ccecc29dcb960
SHA256

7656d8866d2550b992835ffbc950b9924b3c7ad84bfe91a12dc3143ef5b3e552
SHA512

7528fe0187156709e9d88a1db96c3d149d74f60d0e7b7532f943d21d17810197ec8f26068b351e7b6293f6679eb885becb1e4bc2f64df85bcbc5e0c6cb0d9d6d
SSDEEP

24576:PDFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwP:LFhwFzPBYb02y4SA5M

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  7656d8866d2550b992835ffbc950b9924b3c7ad84bfe91a12dc3143ef5b3e552
- Size
  
  828KB
- MD5
  
  316e4d5b6f76d7b83ca9774340ef284f
- SHA1
  
  49fca34bcdb6fb9ab0b1884a9c1ccecc29dcb960
- SHA256
  
  7656d8866d2550b992835ffbc950b9924b3c7ad84bfe91a12dc3143ef5b3e552
- SHA512
  
  7528fe0187156709e9d88a1db96c3d149d74f60d0e7b7532f943d21d17810197ec8f26068b351e7b6293f6679eb885becb1e4bc2f64df85bcbc5e0c6cb0d9d6d
- SSDEEP
  
  24576:PDFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwP:LFhwFzPBYb02y4SA5M
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2