e24d67ec4fc5ec66b9df9e94df4eb5f1b1c59116a6f91fb2c1e7c87d2196fb9f | Triage

Sharing

General

Target

e24d67ec4fc5ec66b9df9e94df4eb5f1b1c59116a6f91fb2c1e7c87d2196fb9f
Size

709KB
Sample

221127-dmcgysaa41
MD5

85fcb2e6187535d9718d28c6c927fbab
SHA1

8b1e49f98b168644834a9c9e83c0c2455f9c480f
SHA256

e24d67ec4fc5ec66b9df9e94df4eb5f1b1c59116a6f91fb2c1e7c87d2196fb9f
SHA512

56b22c615c043d7db3c8be37318be76bdac66b1ec3b15fb97458266d99015ee1a0cc5ca435299fbfe9606074b91eebdeec96e76db1ff3fc3fb35244ef54caae8
SSDEEP

12288:tigqIkHyLkIOeee+fAZwfqDPdM+UULoGTxOk82HmVJZP0j:tik6yIVeSAZwCCDGTxOB2HEoj

Score

7^/10

Malware Config

Targets

- Target
  
  e24d67ec4fc5ec66b9df9e94df4eb5f1b1c59116a6f91fb2c1e7c87d2196fb9f
- Size
  
  709KB
- MD5
  
  85fcb2e6187535d9718d28c6c927fbab
- SHA1
  
  8b1e49f98b168644834a9c9e83c0c2455f9c480f
- SHA256
  
  e24d67ec4fc5ec66b9df9e94df4eb5f1b1c59116a6f91fb2c1e7c87d2196fb9f
- SHA512
  
  56b22c615c043d7db3c8be37318be76bdac66b1ec3b15fb97458266d99015ee1a0cc5ca435299fbfe9606074b91eebdeec96e76db1ff3fc3fb35244ef54caae8
- SSDEEP
  
  12288:tigqIkHyLkIOeee+fAZwfqDPdM+UULoGTxOk82HmVJZP0j:tik6yIVeSAZwCCDGTxOB2HEoj
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2