a67b4cef1a8168b1130af5dc6d6a881f57ba33523e86fb4ef66e02bc2337eadc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a67b4cef1a8168b1130af5dc6d6a881f57ba33523e86fb4ef66e02bc2337eadc
Size

599KB
Sample

221127-ft86lsbf87
MD5

40403e23fa138b1206c4af938ce47586
SHA1

0f821722d3cb7b86d98669d1f93508457e452076
SHA256

a67b4cef1a8168b1130af5dc6d6a881f57ba33523e86fb4ef66e02bc2337eadc
SHA512

f1ee21200ea3eb1a62b34b7bb12bef780332dc051e5b53f488e8882dfb271dcdb848bbd11a137271107b0b8fc9377388d5c63aab39334fb1c3a5913e7706277a
SSDEEP

12288:Tnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3dg:TpITTNcmkS0CnIjoNhatg

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  a67b4cef1a8168b1130af5dc6d6a881f57ba33523e86fb4ef66e02bc2337eadc
- Size
  
  599KB
- MD5
  
  40403e23fa138b1206c4af938ce47586
- SHA1
  
  0f821722d3cb7b86d98669d1f93508457e452076
- SHA256
  
  a67b4cef1a8168b1130af5dc6d6a881f57ba33523e86fb4ef66e02bc2337eadc
- SHA512
  
  f1ee21200ea3eb1a62b34b7bb12bef780332dc051e5b53f488e8882dfb271dcdb848bbd11a137271107b0b8fc9377388d5c63aab39334fb1c3a5913e7706277a
- SSDEEP
  
  12288:Tnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3dg:TpITTNcmkS0CnIjoNhatg
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2