33ce57cfb82862f8e3ca7e60c8c792af26e5cc9750c7d5f1f847cf85c517c5c2 | Triage

Sharing

General

Target

33ce57cfb82862f8e3ca7e60c8c792af26e5cc9750c7d5f1f847cf85c517c5c2
Size

853KB
Sample

221127-hb14dsfc64
MD5

2ec87f2d3e197486e3f338097304ebfa
SHA1

43e75120090e70b151512f62ebdc55a74b7c3459
SHA256

33ce57cfb82862f8e3ca7e60c8c792af26e5cc9750c7d5f1f847cf85c517c5c2
SHA512

a0fc18fdddcaabd50c826d2370f1936e410b84b5696f11a070cf5ebb2ba10ae3ef8abc23e8cd3f22719622b552e8b86fb45f6e263c96e5bdc9933fd0e39368ed
SSDEEP

24576:VYq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv/:GqaxyDC2JmSoPvikO8/

Score

7^/10

Malware Config

Targets

- Target
  
  33ce57cfb82862f8e3ca7e60c8c792af26e5cc9750c7d5f1f847cf85c517c5c2
- Size
  
  853KB
- MD5
  
  2ec87f2d3e197486e3f338097304ebfa
- SHA1
  
  43e75120090e70b151512f62ebdc55a74b7c3459
- SHA256
  
  33ce57cfb82862f8e3ca7e60c8c792af26e5cc9750c7d5f1f847cf85c517c5c2
- SHA512
  
  a0fc18fdddcaabd50c826d2370f1936e410b84b5696f11a070cf5ebb2ba10ae3ef8abc23e8cd3f22719622b552e8b86fb45f6e263c96e5bdc9933fd0e39368ed
- SSDEEP
  
  24576:VYq2/9nnr5cDNsOQfKJL9ki1arPvi/cjaBYfv/:GqaxyDC2JmSoPvikO8/
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2