5889c0934a7742049d9e0a25c484d8726c3a731c819f8841de89bf62af7f35a4 | Triage

Sharing

General

Target

5889c0934a7742049d9e0a25c484d8726c3a731c819f8841de89bf62af7f35a4
Size

1.0MB
Sample

221127-kcbw1aga91
MD5

5d132ff378c495727592937b21219d16
SHA1

618d1f8daeabc4a53648bb20362ae9cdc98ca531
SHA256

5889c0934a7742049d9e0a25c484d8726c3a731c819f8841de89bf62af7f35a4
SHA512

3aaf5ce260e890418121423a87b03c56666674b2fcdf18cf358181a1ee08f3f702f86cf9997089c6cc9e0290c933bda5455d9c66fc938d58335650d8a5a1af35
SSDEEP

24576:ylafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+:yaANaRGRpuHetmGimZ

Score

7^/10

Malware Config

Targets

- Target
  
  5889c0934a7742049d9e0a25c484d8726c3a731c819f8841de89bf62af7f35a4
- Size
  
  1.0MB
- MD5
  
  5d132ff378c495727592937b21219d16
- SHA1
  
  618d1f8daeabc4a53648bb20362ae9cdc98ca531
- SHA256
  
  5889c0934a7742049d9e0a25c484d8726c3a731c819f8841de89bf62af7f35a4
- SHA512
  
  3aaf5ce260e890418121423a87b03c56666674b2fcdf18cf358181a1ee08f3f702f86cf9997089c6cc9e0290c933bda5455d9c66fc938d58335650d8a5a1af35
- SSDEEP
  
  24576:ylafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+:yaANaRGRpuHetmGimZ
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2