9298e762216e9ce5050d74a77e331ed1f3e4a81a436b8bf7324f91cbf68b540b | Triage

Sharing

General

Target

9298e762216e9ce5050d74a77e331ed1f3e4a81a436b8bf7324f91cbf68b540b
Size

853KB
Sample

221127-gadq2ach35
MD5

1fd21ca269f68a1ea9f595a790357e3a
SHA1

f33434a0f520d6471da319ba5ad6315d03fc44d2
SHA256

9298e762216e9ce5050d74a77e331ed1f3e4a81a436b8bf7324f91cbf68b540b
SHA512

3b88be43519db8c6741d0e0c3b57ff56d9b23239d93cfee271521d67a63eca4fdab03fd0b6a3a9adfb38d1b0ab3f7da3dea470109beb21ca4df40a723503d175
SSDEEP

24576:lYq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv1:2qaxyDC2JmSoPvikO81

Score

7^/10

Malware Config

Targets

- Target
  
  9298e762216e9ce5050d74a77e331ed1f3e4a81a436b8bf7324f91cbf68b540b
- Size
  
  853KB
- MD5
  
  1fd21ca269f68a1ea9f595a790357e3a
- SHA1
  
  f33434a0f520d6471da319ba5ad6315d03fc44d2
- SHA256
  
  9298e762216e9ce5050d74a77e331ed1f3e4a81a436b8bf7324f91cbf68b540b
- SHA512
  
  3b88be43519db8c6741d0e0c3b57ff56d9b23239d93cfee271521d67a63eca4fdab03fd0b6a3a9adfb38d1b0ab3f7da3dea470109beb21ca4df40a723503d175
- SSDEEP
  
  24576:lYq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv1:2qaxyDC2JmSoPvikO81
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2