8babc08c8e6f52c231813f4f59bf14e6960a770651180fe4cd5fadb8aad33367 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8babc08c8e6f52c231813f4f59bf14e6960a770651180fe4cd5fadb8aad33367
Size

1.0MB
Sample

221127-kamkqafh9y
MD5

6780766af388090ace6f5459b63d10f1
SHA1

bc56c652f0647de978b01db28c69f5f6fc4dddf2
SHA256

8babc08c8e6f52c231813f4f59bf14e6960a770651180fe4cd5fadb8aad33367
SHA512

70b1233283b9bc785633a2aa6a49ce026b2c7e68e2fe76acb6cfa0387418c8e417cc9fb29556a56470882f34e73ef3018887fd242e467d431f9979e867a1b9b9
SSDEEP

24576:SlafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+H:SaANaRGRpuHetmGimZH

Score

7^/10

Malware Config

Targets

- Target
  
  8babc08c8e6f52c231813f4f59bf14e6960a770651180fe4cd5fadb8aad33367
- Size
  
  1.0MB
- MD5
  
  6780766af388090ace6f5459b63d10f1
- SHA1
  
  bc56c652f0647de978b01db28c69f5f6fc4dddf2
- SHA256
  
  8babc08c8e6f52c231813f4f59bf14e6960a770651180fe4cd5fadb8aad33367
- SHA512
  
  70b1233283b9bc785633a2aa6a49ce026b2c7e68e2fe76acb6cfa0387418c8e417cc9fb29556a56470882f34e73ef3018887fd242e467d431f9979e867a1b9b9
- SSDEEP
  
  24576:SlafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+H:SaANaRGRpuHetmGimZH
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2