e4b919f236d6810a225306ac57d33e79112e3704812a92b1f2c10b5cb2cc57a2 | Triage

Sharing

General

Target

e4b919f236d6810a225306ac57d33e79112e3704812a92b1f2c10b5cb2cc57a2
Size

599KB
Sample

221127-e2q5bshg57
MD5

a2f64661a3617ffc11ebd30ead76f9b1
SHA1

f7d0c9df61fece237c9f11318c403ffbab8d0986
SHA256

e4b919f236d6810a225306ac57d33e79112e3704812a92b1f2c10b5cb2cc57a2
SHA512

63a81ea4e12eb181aef3f8a200c80dbd496c17a71c81fcf5d36bb502a94d381f5a5bc890b00bbf75eff15c2a0dd507710dea2f1c1eba6b3f63124dbc7e912342
SSDEEP

12288:Dnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3d:jpITTNcmkS0CnIjoNhat

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  e4b919f236d6810a225306ac57d33e79112e3704812a92b1f2c10b5cb2cc57a2
- Size
  
  599KB
- MD5
  
  a2f64661a3617ffc11ebd30ead76f9b1
- SHA1
  
  f7d0c9df61fece237c9f11318c403ffbab8d0986
- SHA256
  
  e4b919f236d6810a225306ac57d33e79112e3704812a92b1f2c10b5cb2cc57a2
- SHA512
  
  63a81ea4e12eb181aef3f8a200c80dbd496c17a71c81fcf5d36bb502a94d381f5a5bc890b00bbf75eff15c2a0dd507710dea2f1c1eba6b3f63124dbc7e912342
- SSDEEP
  
  12288:Dnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3d:jpITTNcmkS0CnIjoNhat
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2