e9bd4f5ac840498123d43e9c002b88c2d5f78902ca05bdbe91f262c2ecb36917 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9bd4f5ac840498123d43e9c002b88c2d5f78902ca05bdbe91f262c2ecb36917
Size

1.1MB
Sample

221127-dlnhtsee64
MD5

3d7ca137cd6ae69102e3751ef0dac07e
SHA1

c24565b38b29ddddb40f25092fb1099bd24bdf8a
SHA256

e9bd4f5ac840498123d43e9c002b88c2d5f78902ca05bdbe91f262c2ecb36917
SHA512

9b2e837df7495107c6b9622f15ea57b684cb3538f103b0899dc249dc53f4f3c347f257ab87541f77c8980eb76711647a6d88183d5574f18161c39650f41947b0
SSDEEP

12288:uuklkMVqd1t8jEIoCTaPG0j4DeuH5GyAw64vYr1IZq6T7UNU7hm92J6Gz1VwFAHe:u3jl2WzbZL6gEAqEVmA7x6FAnc

Score

7^/10

Malware Config

Targets

- Target
  
  e9bd4f5ac840498123d43e9c002b88c2d5f78902ca05bdbe91f262c2ecb36917
- Size
  
  1.1MB
- MD5
  
  3d7ca137cd6ae69102e3751ef0dac07e
- SHA1
  
  c24565b38b29ddddb40f25092fb1099bd24bdf8a
- SHA256
  
  e9bd4f5ac840498123d43e9c002b88c2d5f78902ca05bdbe91f262c2ecb36917
- SHA512
  
  9b2e837df7495107c6b9622f15ea57b684cb3538f103b0899dc249dc53f4f3c347f257ab87541f77c8980eb76711647a6d88183d5574f18161c39650f41947b0
- SSDEEP
  
  12288:uuklkMVqd1t8jEIoCTaPG0j4DeuH5GyAw64vYr1IZq6T7UNU7hm92J6Gz1VwFAHe:u3jl2WzbZL6gEAqEVmA7x6FAnc
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2