6e009addbffb3f0e946fd13c6466c345e7477056581af806218088e671257f71 | Triage

Sharing

General

Target

6e009addbffb3f0e946fd13c6466c345e7477056581af806218088e671257f71
Size

600KB
Sample

221127-gn8hkadg55
MD5

ce9e0de817eaa3e56cc8be9514b73ba6
SHA1

797664f76146f61c153f9da3ae95b4355f7ba6eb
SHA256

6e009addbffb3f0e946fd13c6466c345e7477056581af806218088e671257f71
SHA512

f52eb9b18a31b3cbd41a741ae50a0fda9f29fa4682ff4d8cb9d8aada0fd40458d62f8b73b853ba005da0b8d0a297e93b07223f69b8cf3fc3182eb0dbbf3c208f
SSDEEP

12288:fnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3dk:fpITTNcmkS0CnIjoNhatk

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  6e009addbffb3f0e946fd13c6466c345e7477056581af806218088e671257f71
- Size
  
  600KB
- MD5
  
  ce9e0de817eaa3e56cc8be9514b73ba6
- SHA1
  
  797664f76146f61c153f9da3ae95b4355f7ba6eb
- SHA256
  
  6e009addbffb3f0e946fd13c6466c345e7477056581af806218088e671257f71
- SHA512
  
  f52eb9b18a31b3cbd41a741ae50a0fda9f29fa4682ff4d8cb9d8aada0fd40458d62f8b73b853ba005da0b8d0a297e93b07223f69b8cf3fc3182eb0dbbf3c208f
- SSDEEP
  
  12288:fnp7MTrnNc4cMCEASQPCnXYjCsCutCfAIh+ww3dk:fpITTNcmkS0CnIjoNhatk
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2