fed631b6b64fb7948354ca93f88a96a91d805e69e0772da7681fd1ea0712f068 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fed631b6b64fb7948354ca93f88a96a91d805e69e0772da7681fd1ea0712f068
Size

1.0MB
Sample

221127-j6wmtsff6s
MD5

99ef5c62859b8a316500a374923c05d8
SHA1

eab475e62b2ba088170f98886459131a35afba96
SHA256

fed631b6b64fb7948354ca93f88a96a91d805e69e0772da7681fd1ea0712f068
SHA512

ebabcd9dcf12c47cf0e274a2634d15a45ae5beb17b56ec89d20646e1d056b076591f0184a421991042e9242f2fb1f5057158415264f1a57452059f737204c9ec
SSDEEP

24576:1lafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+k:zaANaRGRpuHetmGimZk

Score

7^/10

Malware Config

Targets

- Target
  
  fed631b6b64fb7948354ca93f88a96a91d805e69e0772da7681fd1ea0712f068
- Size
  
  1.0MB
- MD5
  
  99ef5c62859b8a316500a374923c05d8
- SHA1
  
  eab475e62b2ba088170f98886459131a35afba96
- SHA256
  
  fed631b6b64fb7948354ca93f88a96a91d805e69e0772da7681fd1ea0712f068
- SHA512
  
  ebabcd9dcf12c47cf0e274a2634d15a45ae5beb17b56ec89d20646e1d056b076591f0184a421991042e9242f2fb1f5057158415264f1a57452059f737204c9ec
- SSDEEP
  
  24576:1lafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+k:zaANaRGRpuHetmGimZk
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2