81e23554641d40bcb4588a096e55e65634cfcc8c46633735e4a60e1f4f8f2dc8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81e23554641d40bcb4588a096e55e65634cfcc8c46633735e4a60e1f4f8f2dc8
Size

1.0MB
Sample

221127-ax51gabd71
MD5

63e9bd497fe25590e9d3fa742664189d
SHA1

34e0590f8e407da9db3afac074e06a5c9543f84f
SHA256

81e23554641d40bcb4588a096e55e65634cfcc8c46633735e4a60e1f4f8f2dc8
SHA512

5086379fa4d34fe931bc2347cf591737d489b01480833242c307f732b3df7e1df12f61d49a6bfdc289822bf0a2f8b09aacda55328b7951246f8b84fb62f6bea7
SSDEEP

24576:MQP1WIt/PcyQzktVF72ofLFCQUeXkS96WJW0:n9WiHcWFdFCBk9vW

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  81e23554641d40bcb4588a096e55e65634cfcc8c46633735e4a60e1f4f8f2dc8
- Size
  
  1.0MB
- MD5
  
  63e9bd497fe25590e9d3fa742664189d
- SHA1
  
  34e0590f8e407da9db3afac074e06a5c9543f84f
- SHA256
  
  81e23554641d40bcb4588a096e55e65634cfcc8c46633735e4a60e1f4f8f2dc8
- SHA512
  
  5086379fa4d34fe931bc2347cf591737d489b01480833242c307f732b3df7e1df12f61d49a6bfdc289822bf0a2f8b09aacda55328b7951246f8b84fb62f6bea7
- SSDEEP
  
  24576:MQP1WIt/PcyQzktVF72ofLFCQUeXkS96WJW0:n9WiHcWFdFCBk9vW
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2