6537fbc1ae05b863b19802a3c5f15831130e93d5fd3c8650daa9220ac042098c | Triage

Sharing

General

Target

6537fbc1ae05b863b19802a3c5f15831130e93d5fd3c8650daa9220ac042098c
Size

828KB
Sample

221126-esp6nsbb88
MD5

88c8676dedc3c3632d9927733fc46926
SHA1

c0158550e9f6d7fd0ec82736944d9c364669f4ab
SHA256

6537fbc1ae05b863b19802a3c5f15831130e93d5fd3c8650daa9220ac042098c
SHA512

11dd398ec7acd85b2d018648c546bfa1f410f607ac8f1c33da05b04c299913994fc162ee963dc40a0889857d1149d7dfb569f27e15384edc1764f7a3871b92a4
SSDEEP

24576:/DFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPo:7FhwFzPBYb02y4SA5MF

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6537fbc1ae05b863b19802a3c5f15831130e93d5fd3c8650daa9220ac042098c
- Size
  
  828KB
- MD5
  
  88c8676dedc3c3632d9927733fc46926
- SHA1
  
  c0158550e9f6d7fd0ec82736944d9c364669f4ab
- SHA256
  
  6537fbc1ae05b863b19802a3c5f15831130e93d5fd3c8650daa9220ac042098c
- SHA512
  
  11dd398ec7acd85b2d018648c546bfa1f410f607ac8f1c33da05b04c299913994fc162ee963dc40a0889857d1149d7dfb569f27e15384edc1764f7a3871b92a4
- SSDEEP
  
  24576:/DFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwPo:7FhwFzPBYb02y4SA5MF
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2