0f95911f197e48d2cd08d29605f0b2219025627d585752193e7c324ce5ed0b02 | Triage

Sharing

General

Target

0f95911f197e48d2cd08d29605f0b2219025627d585752193e7c324ce5ed0b02
Size

1.0MB
Sample

221127-ekpvyacc3w
MD5

0aca53092ca3ed5d899d8fd837dd817a
SHA1

7e46cb235d3cd7a9e7a18e45338e57fa9fb186b4
SHA256

0f95911f197e48d2cd08d29605f0b2219025627d585752193e7c324ce5ed0b02
SHA512

536da1344858f8d07988229a4232b506a2380ee13a15a096a7491c09ab79f642795485cea2965446693df9d7d1f953abea4896da43de064a41a94ce8216c6894
SSDEEP

24576:A0BfZ15Scs4mUj79qPiqn7yauT/asgd0tp8A:A0guUuT/asgU

Score

7^/10

Malware Config

Targets

- Target
  
  0f95911f197e48d2cd08d29605f0b2219025627d585752193e7c324ce5ed0b02
- Size
  
  1.0MB
- MD5
  
  0aca53092ca3ed5d899d8fd837dd817a
- SHA1
  
  7e46cb235d3cd7a9e7a18e45338e57fa9fb186b4
- SHA256
  
  0f95911f197e48d2cd08d29605f0b2219025627d585752193e7c324ce5ed0b02
- SHA512
  
  536da1344858f8d07988229a4232b506a2380ee13a15a096a7491c09ab79f642795485cea2965446693df9d7d1f953abea4896da43de064a41a94ce8216c6894
- SSDEEP
  
  24576:A0BfZ15Scs4mUj79qPiqn7yauT/asgd0tp8A:A0guUuT/asgU
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2