90f5a7430711475c0ffa6bfa1fa12fc6e8602e5c721ed9b464684b9e495e217e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

90f5a7430711475c0ffa6bfa1fa12fc6e8602e5c721ed9b464684b9e495e217e
Size

1.1MB
Sample

221127-dwskjafb36
MD5

e111e7cf70aea90528c884da9af2c224
SHA1

d78dc21c36b3bff28e4de10e12d3f07e71de85d1
SHA256

90f5a7430711475c0ffa6bfa1fa12fc6e8602e5c721ed9b464684b9e495e217e
SHA512

84138462db892f2f956078ea7875db3b34878158d91db98f3b16a4dd22614e1b1b39a82a62718311078ae09425d0d36141a160f66df9897026d3583ec346743c
SSDEEP

12288:uuklkMVqd1t8jEIoCTaPG0j4DeuH5GyAw64vYr1IZq6T7UNU7hm92J6Gz1VwFAHe:u3jl2WzbZL6gEAqEVmA7x6FAnc

Score

7^/10

Malware Config

Targets

- Target
  
  90f5a7430711475c0ffa6bfa1fa12fc6e8602e5c721ed9b464684b9e495e217e
- Size
  
  1.1MB
- MD5
  
  e111e7cf70aea90528c884da9af2c224
- SHA1
  
  d78dc21c36b3bff28e4de10e12d3f07e71de85d1
- SHA256
  
  90f5a7430711475c0ffa6bfa1fa12fc6e8602e5c721ed9b464684b9e495e217e
- SHA512
  
  84138462db892f2f956078ea7875db3b34878158d91db98f3b16a4dd22614e1b1b39a82a62718311078ae09425d0d36141a160f66df9897026d3583ec346743c
- SSDEEP
  
  12288:uuklkMVqd1t8jEIoCTaPG0j4DeuH5GyAw64vYr1IZq6T7UNU7hm92J6Gz1VwFAHe:u3jl2WzbZL6gEAqEVmA7x6FAnc
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2