3bfac5d732a51142c7e97addc6726e04d2a6e03f10e334ae052cb50f107e3a98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3bfac5d732a51142c7e97addc6726e04d2a6e03f10e334ae052cb50f107e3a98
Size

1.1MB
Sample

221127-adv16aab2x
MD5

9c8844ad8a59578739e8b6f8f7d39709
SHA1

ebc94fd9075ae293a0b31cf80a79905d072436e5
SHA256

3bfac5d732a51142c7e97addc6726e04d2a6e03f10e334ae052cb50f107e3a98
SHA512

e3106c2f4ce2dfbb4efa0e78499967482eb66830bf7f4e1a64d0e2fc0db6dbd58b167cbec2b1407a9e2d05edb8f9cc871a67efae539266ef4fb0d8a1a0d87794
SSDEEP

24576:j8vLvb1yMby1E51gyoMD/9+rSOPTW8pr:jWtbKELB6rhW8h

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  3bfac5d732a51142c7e97addc6726e04d2a6e03f10e334ae052cb50f107e3a98
- Size
  
  1.1MB
- MD5
  
  9c8844ad8a59578739e8b6f8f7d39709
- SHA1
  
  ebc94fd9075ae293a0b31cf80a79905d072436e5
- SHA256
  
  3bfac5d732a51142c7e97addc6726e04d2a6e03f10e334ae052cb50f107e3a98
- SHA512
  
  e3106c2f4ce2dfbb4efa0e78499967482eb66830bf7f4e1a64d0e2fc0db6dbd58b167cbec2b1407a9e2d05edb8f9cc871a67efae539266ef4fb0d8a1a0d87794
- SSDEEP
  
  24576:j8vLvb1yMby1E51gyoMD/9+rSOPTW8pr:jWtbKELB6rhW8h
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2