8bfa66e4880898e17548c68be83aa66e8fa017bfd6468ce1380baa0cdf3f2f53 | Triage

Sharing

General

Target

8bfa66e4880898e17548c68be83aa66e8fa017bfd6468ce1380baa0cdf3f2f53
Size

600KB
Sample

221127-gcnzsada56
MD5

a68ccaa9703b7d5db2656b3dc1d50a12
SHA1

83443997f4967f2ef9fa0f495332b2a953523ca9
SHA256

8bfa66e4880898e17548c68be83aa66e8fa017bfd6468ce1380baa0cdf3f2f53
SHA512

f82bf5f0e0e97fa94b232a62645a159620878519d40b7a2e284481688a10828175267890632bf7843ab32a182c62e40bd0bad5399004cac6be0f4e52a0889d02
SSDEEP

12288:Pnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3d8:vpITTNcmkS0CnIjoNhat8

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  8bfa66e4880898e17548c68be83aa66e8fa017bfd6468ce1380baa0cdf3f2f53
- Size
  
  600KB
- MD5
  
  a68ccaa9703b7d5db2656b3dc1d50a12
- SHA1
  
  83443997f4967f2ef9fa0f495332b2a953523ca9
- SHA256
  
  8bfa66e4880898e17548c68be83aa66e8fa017bfd6468ce1380baa0cdf3f2f53
- SHA512
  
  f82bf5f0e0e97fa94b232a62645a159620878519d40b7a2e284481688a10828175267890632bf7843ab32a182c62e40bd0bad5399004cac6be0f4e52a0889d02
- SSDEEP
  
  12288:Pnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3d8:vpITTNcmkS0CnIjoNhat8
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2