b1c1113ed02b78cb9bbb57b1967dcea952a6dc7b25ced4dac64c57710969f83b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b1c1113ed02b78cb9bbb57b1967dcea952a6dc7b25ced4dac64c57710969f83b
Size

1.0MB
Sample

221127-j9bf3acb82
MD5

3cbfeb076b2f5ec0614e005a617cd5bc
SHA1

db84f5e0a519d47357718f50be80fe0164b71c5b
SHA256

b1c1113ed02b78cb9bbb57b1967dcea952a6dc7b25ced4dac64c57710969f83b
SHA512

c6b55e20cbd6c81fa5f94ac7090262ddd76ae52f1b29d39ce47b837d08095c37d3411f7ed9d78a2159c821a232a8397186839bb7b1265b592322a6d018f5678c
SSDEEP

24576:SlafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+3:SaANaRGRpuHetmGimZ3

Score

7^/10

Malware Config

Targets

- Target
  
  b1c1113ed02b78cb9bbb57b1967dcea952a6dc7b25ced4dac64c57710969f83b
- Size
  
  1.0MB
- MD5
  
  3cbfeb076b2f5ec0614e005a617cd5bc
- SHA1
  
  db84f5e0a519d47357718f50be80fe0164b71c5b
- SHA256
  
  b1c1113ed02b78cb9bbb57b1967dcea952a6dc7b25ced4dac64c57710969f83b
- SHA512
  
  c6b55e20cbd6c81fa5f94ac7090262ddd76ae52f1b29d39ce47b837d08095c37d3411f7ed9d78a2159c821a232a8397186839bb7b1265b592322a6d018f5678c
- SSDEEP
  
  24576:SlafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+3:SaANaRGRpuHetmGimZ3
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2