a006930d4d26269831ae8d3fdcebc798af42de47cd02a8d73f14e3d3e8b5229b | Triage

Sharing

General

Target

a006930d4d26269831ae8d3fdcebc798af42de47cd02a8d73f14e3d3e8b5229b
Size

1.1MB
Sample

221127-akjxgaae8w
MD5

18d345b493c65d220a31ca7ffec3de95
SHA1

e817d0b82e846cdb812c8f5fd94899026a2c01ef
SHA256

a006930d4d26269831ae8d3fdcebc798af42de47cd02a8d73f14e3d3e8b5229b
SHA512

5595c5013bbe8eaedfe4f94dac3da98f8b5cd2ac98a02dc3d95b4a23ab74c1567bd3a9a9e9a77e48b594e2c1587878e88e01932149fe4abe02b1c620c31a5456
SSDEEP

24576:z8vLvb1yMby1E51gyoMD/9+rSOPTW8pr:zWtbKELB6rhW8h

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a006930d4d26269831ae8d3fdcebc798af42de47cd02a8d73f14e3d3e8b5229b
- Size
  
  1.1MB
- MD5
  
  18d345b493c65d220a31ca7ffec3de95
- SHA1
  
  e817d0b82e846cdb812c8f5fd94899026a2c01ef
- SHA256
  
  a006930d4d26269831ae8d3fdcebc798af42de47cd02a8d73f14e3d3e8b5229b
- SHA512
  
  5595c5013bbe8eaedfe4f94dac3da98f8b5cd2ac98a02dc3d95b4a23ab74c1567bd3a9a9e9a77e48b594e2c1587878e88e01932149fe4abe02b1c620c31a5456
- SSDEEP
  
  24576:z8vLvb1yMby1E51gyoMD/9+rSOPTW8pr:zWtbKELB6rhW8h
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2