1efa20b94f8f9e1168fb3ccc6b911cde8847b734c299a07b8fd58c11c4491865 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1efa20b94f8f9e1168fb3ccc6b911cde8847b734c299a07b8fd58c11c4491865
Size

1.0MB
Sample

221127-d8sfasfh64
MD5

384e01f7622f747fc8f10ba34b58e695
SHA1

5b19365cfa167ed64ab85df7766941a859895fc9
SHA256

1efa20b94f8f9e1168fb3ccc6b911cde8847b734c299a07b8fd58c11c4491865
SHA512

ca39efbfdf6877aa50546aa5a65d713b0fa4a5d3c47588869d352f1e83f180505669c83ee6cb54dd51e7c2739250e3c3366e6ad4c8a0d9257314be0fc5177e5a
SSDEEP

24576:zlafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+r:RaANaRGRpuHetmGimZr

Score

7^/10

Malware Config

Targets

- Target
  
  1efa20b94f8f9e1168fb3ccc6b911cde8847b734c299a07b8fd58c11c4491865
- Size
  
  1.0MB
- MD5
  
  384e01f7622f747fc8f10ba34b58e695
- SHA1
  
  5b19365cfa167ed64ab85df7766941a859895fc9
- SHA256
  
  1efa20b94f8f9e1168fb3ccc6b911cde8847b734c299a07b8fd58c11c4491865
- SHA512
  
  ca39efbfdf6877aa50546aa5a65d713b0fa4a5d3c47588869d352f1e83f180505669c83ee6cb54dd51e7c2739250e3c3366e6ad4c8a0d9257314be0fc5177e5a
- SSDEEP
  
  24576:zlafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+r:RaANaRGRpuHetmGimZr
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2