084cf3b994baf18ea531dda98789e76e2312009f20cbdb8329e99e7e3d644782 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

084cf3b994baf18ea531dda98789e76e2312009f20cbdb8329e99e7e3d644782
Size

1.1MB
Sample

221127-eavnfabe8y
MD5

3ae9a84a628d1ce6fb55e30fa6dd84a0
SHA1

37d21109dcce77536b0642613f36492d3a0f26ef
SHA256

084cf3b994baf18ea531dda98789e76e2312009f20cbdb8329e99e7e3d644782
SHA512

59e904f31ed0bfbb5af4db154287066e279a7b979f640044370c85600d71fb1035f248d27de6b7194ee23297879bdfffc1eb4b4b3d28c7e84fe1dad4f7736ce6
SSDEEP

12288:RyftkAdJQEa3ptOrGJuuFtGi3XJdalEZ73PfHq8ZN/HOAa7v8aHAMc3GhQrTsBCe:QbJa36GsgoeFdfS8Nvdag3b5TUbf

Score

7^/10

Malware Config

Targets

- Target
  
  084cf3b994baf18ea531dda98789e76e2312009f20cbdb8329e99e7e3d644782
- Size
  
  1.1MB
- MD5
  
  3ae9a84a628d1ce6fb55e30fa6dd84a0
- SHA1
  
  37d21109dcce77536b0642613f36492d3a0f26ef
- SHA256
  
  084cf3b994baf18ea531dda98789e76e2312009f20cbdb8329e99e7e3d644782
- SHA512
  
  59e904f31ed0bfbb5af4db154287066e279a7b979f640044370c85600d71fb1035f248d27de6b7194ee23297879bdfffc1eb4b4b3d28c7e84fe1dad4f7736ce6
- SSDEEP
  
  12288:RyftkAdJQEa3ptOrGJuuFtGi3XJdalEZ73PfHq8ZN/HOAa7v8aHAMc3GhQrTsBCe:QbJa36GsgoeFdfS8Nvdag3b5TUbf
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2