aa22f040bf4dbb9ebef447fb3fe4d1fcaa72a37eb3770abf3311ab101e8b2b6f | Triage

Sharing

General

Target

aa22f040bf4dbb9ebef447fb3fe4d1fcaa72a37eb3770abf3311ab101e8b2b6f
Size

1.1MB
Sample

221127-jx3d1sfa8t
MD5

791f9c3e7a21a4f2bb1f71d9abe54ed1
SHA1

e9a89ad33511e0c60a11d1a7548ed99f62bc1dba
SHA256

aa22f040bf4dbb9ebef447fb3fe4d1fcaa72a37eb3770abf3311ab101e8b2b6f
SHA512

9b3118e2adc8251929f06545bcfaa7a26da68d3c1d41ef95b2e81980f4a76162992fa53ddb1e18fe22d8966dba570e3d9ece29efc2f91c46aa288deb01f0aad8
SSDEEP

12288:cxm03dDATu3TtKUhG3QQkrEcdvMqH1dznOotRldDfHbg5+MH/QTK7ufrncquNGsm:cgS73RKUsaVdzOotdDfStfsKafIgsm

Score

7^/10

Malware Config

Targets

- Target
  
  aa22f040bf4dbb9ebef447fb3fe4d1fcaa72a37eb3770abf3311ab101e8b2b6f
- Size
  
  1.1MB
- MD5
  
  791f9c3e7a21a4f2bb1f71d9abe54ed1
- SHA1
  
  e9a89ad33511e0c60a11d1a7548ed99f62bc1dba
- SHA256
  
  aa22f040bf4dbb9ebef447fb3fe4d1fcaa72a37eb3770abf3311ab101e8b2b6f
- SHA512
  
  9b3118e2adc8251929f06545bcfaa7a26da68d3c1d41ef95b2e81980f4a76162992fa53ddb1e18fe22d8966dba570e3d9ece29efc2f91c46aa288deb01f0aad8
- SSDEEP
  
  12288:cxm03dDATu3TtKUhG3QQkrEcdvMqH1dznOotRldDfHbg5+MH/QTK7ufrncquNGsm:cgS73RKUsaVdzOotdDfStfsKafIgsm
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2