2c4157cf1f961f72ee49bc1df423c31f6addbae12ebdc1ac764e65fcdbc8fc32 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c4157cf1f961f72ee49bc1df423c31f6addbae12ebdc1ac764e65fcdbc8fc32
Size

1.1MB
Sample

221127-j29znafd5s
MD5

2979e55f5125abe2e8280ecfa0667bfa
SHA1

37600f09591251fca8a70c5ebe392d53862ad99f
SHA256

2c4157cf1f961f72ee49bc1df423c31f6addbae12ebdc1ac764e65fcdbc8fc32
SHA512

b6cca693b13bd0b856867a74eb7ab643039e7f0f0be17213d07cec87e1112f4b615ae8e18e48f2c3aaf7ea84e8f221d05b6cbb0ae75fcabd3b78a65c901b9fc3
SSDEEP

12288:Rxm03dDATu3TtKUhG3QQkrEcdvMqH1dznOotRldDfHbg5+MH/QTK7ufrncquNGs:RgS73RKUsaVdzOotdDfStfsKafIgs

Score

7^/10

Malware Config

Targets

- Target
  
  2c4157cf1f961f72ee49bc1df423c31f6addbae12ebdc1ac764e65fcdbc8fc32
- Size
  
  1.1MB
- MD5
  
  2979e55f5125abe2e8280ecfa0667bfa
- SHA1
  
  37600f09591251fca8a70c5ebe392d53862ad99f
- SHA256
  
  2c4157cf1f961f72ee49bc1df423c31f6addbae12ebdc1ac764e65fcdbc8fc32
- SHA512
  
  b6cca693b13bd0b856867a74eb7ab643039e7f0f0be17213d07cec87e1112f4b615ae8e18e48f2c3aaf7ea84e8f221d05b6cbb0ae75fcabd3b78a65c901b9fc3
- SSDEEP
  
  12288:Rxm03dDATu3TtKUhG3QQkrEcdvMqH1dznOotRldDfHbg5+MH/QTK7ufrncquNGs:RgS73RKUsaVdzOotdDfStfsKafIgs
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2