10e56539e3d2465fded02b27923397ba672e6b1a98d0b7115610d7fb1301c805 | Triage

Sharing

General

Target

10e56539e3d2465fded02b27923397ba672e6b1a98d0b7115610d7fb1301c805
Size

1.1MB
Sample

221127-a9nlysgg96
MD5

ff81ceb08debdbde561adcf640546ee9
SHA1

edbb897d25ceb7fd117d7d236701a903ba578de2
SHA256

10e56539e3d2465fded02b27923397ba672e6b1a98d0b7115610d7fb1301c805
SHA512

03a18d4ab08b3e9937f4995040acb06c22d713150c3d38fcb40352ba3b6f8c0bcc77b76cb6f9b7c81fc422132247f22f4bcba61842923b83ce3f1c327a7ccfcf
SSDEEP

24576:j8vLvb1yMby1E51gyoMD/9+rSOPTW8pr:jWtbKELB6rhW8h

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  10e56539e3d2465fded02b27923397ba672e6b1a98d0b7115610d7fb1301c805
- Size
  
  1.1MB
- MD5
  
  ff81ceb08debdbde561adcf640546ee9
- SHA1
  
  edbb897d25ceb7fd117d7d236701a903ba578de2
- SHA256
  
  10e56539e3d2465fded02b27923397ba672e6b1a98d0b7115610d7fb1301c805
- SHA512
  
  03a18d4ab08b3e9937f4995040acb06c22d713150c3d38fcb40352ba3b6f8c0bcc77b76cb6f9b7c81fc422132247f22f4bcba61842923b83ce3f1c327a7ccfcf
- SSDEEP
  
  24576:j8vLvb1yMby1E51gyoMD/9+rSOPTW8pr:jWtbKELB6rhW8h
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2