7223e368340b37b1beaee7f855f066d74ac876082b9610d58281288754a9ff46 | Triage

Sharing

General

Target

7223e368340b37b1beaee7f855f066d74ac876082b9610d58281288754a9ff46
Size

600KB
Sample

221127-afz3wsac4w
MD5

a38330842eb832a7c5f10ac49d87b5db
SHA1

f462647d5695c03028325f09f300109d199271e9
SHA256

7223e368340b37b1beaee7f855f066d74ac876082b9610d58281288754a9ff46
SHA512

cddfd3ef51998c8672ae580c24175e25c76446199bbdc449d3d8013e8958c6f80eba296deb7c17d3d4ee1cd5039413281f4c29a0279050a5497e24f6133bc9b8
SSDEEP

12288:Pnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3dh:vpITTNcmkS0CnIjoNhath

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  7223e368340b37b1beaee7f855f066d74ac876082b9610d58281288754a9ff46
- Size
  
  600KB
- MD5
  
  a38330842eb832a7c5f10ac49d87b5db
- SHA1
  
  f462647d5695c03028325f09f300109d199271e9
- SHA256
  
  7223e368340b37b1beaee7f855f066d74ac876082b9610d58281288754a9ff46
- SHA512
  
  cddfd3ef51998c8672ae580c24175e25c76446199bbdc449d3d8013e8958c6f80eba296deb7c17d3d4ee1cd5039413281f4c29a0279050a5497e24f6133bc9b8
- SSDEEP
  
  12288:Pnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3dh:vpITTNcmkS0CnIjoNhath
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2