7ba5133305a657cd07838944062b4006d2bf161cad9b70fe445a1134f8798cca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7ba5133305a657cd07838944062b4006d2bf161cad9b70fe445a1134f8798cca
Size

1.0MB
Sample

221127-dyr2safc43
MD5

61e34894092f985dd28387a0980f4167
SHA1

c72512cfb18b274f7c0657ec034822c21e652461
SHA256

7ba5133305a657cd07838944062b4006d2bf161cad9b70fe445a1134f8798cca
SHA512

25793d594400b752e533fcd24167a2ced494d9c450cd053a8f95dbae231635e581241945d19791b3897cf657690709dc91ea182b963561c0a5571ab7e27f130d
SSDEEP

24576:jlafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+:haANaRGRpuHetmGimZ

Score

7^/10

Malware Config

Targets

- Target
  
  7ba5133305a657cd07838944062b4006d2bf161cad9b70fe445a1134f8798cca
- Size
  
  1.0MB
- MD5
  
  61e34894092f985dd28387a0980f4167
- SHA1
  
  c72512cfb18b274f7c0657ec034822c21e652461
- SHA256
  
  7ba5133305a657cd07838944062b4006d2bf161cad9b70fe445a1134f8798cca
- SHA512
  
  25793d594400b752e533fcd24167a2ced494d9c450cd053a8f95dbae231635e581241945d19791b3897cf657690709dc91ea182b963561c0a5571ab7e27f130d
- SSDEEP
  
  24576:jlafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+:haANaRGRpuHetmGimZ
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2