4d52fb66791dac6302910256b83ce5db8bf0217abbfe6304f629dc3b952c76ec | Triage

Sharing

General

Target

4d52fb66791dac6302910256b83ce5db8bf0217abbfe6304f629dc3b952c76ec
Size

828KB
Sample

221126-eystraeh5w
MD5

a981e32946d8c48c9cfaef2199fe03df
SHA1

e1ea48f03471538df5aae94b627717d89c02b20d
SHA256

4d52fb66791dac6302910256b83ce5db8bf0217abbfe6304f629dc3b952c76ec
SHA512

018ed63b1e622befd844610fc3da0124dc9a878a7cae08e98c40ec9dbd8afc3941551e3b9aaf72609bf01d625618f9e64b877a05ca71537c4f5f835bb02b1e57
SSDEEP

24576:mDFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwP:WFhwFzPBYb02y4SA5M

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  4d52fb66791dac6302910256b83ce5db8bf0217abbfe6304f629dc3b952c76ec
- Size
  
  828KB
- MD5
  
  a981e32946d8c48c9cfaef2199fe03df
- SHA1
  
  e1ea48f03471538df5aae94b627717d89c02b20d
- SHA256
  
  4d52fb66791dac6302910256b83ce5db8bf0217abbfe6304f629dc3b952c76ec
- SHA512
  
  018ed63b1e622befd844610fc3da0124dc9a878a7cae08e98c40ec9dbd8afc3941551e3b9aaf72609bf01d625618f9e64b877a05ca71537c4f5f835bb02b1e57
- SSDEEP
  
  24576:mDFhwFzsQNLAr5bj/b4FKHrJ841gAQguqMwP:WFhwFzPBYb02y4SA5M
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

behavioral2