4161363a46a136c7c520053b201cf138f75d4bfd6c8517f9ce3dcd7762858f3b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4161363a46a136c7c520053b201cf138f75d4bfd6c8517f9ce3dcd7762858f3b
Size

1.0MB
Sample

221127-kczcascd89
MD5

f472e20c461fa18a68f8522a3c14427b
SHA1

b2751f692d637e912092633bfe5c0ed22bfe2155
SHA256

4161363a46a136c7c520053b201cf138f75d4bfd6c8517f9ce3dcd7762858f3b
SHA512

e9e314cecd76908b802c38221e0fbc0c52e4b72b8179c931e872bbddbc1a072065f388a3f7d4fa02c86250c2471644acfbf273cc57418cd999c7ffbfcefa7a81
SSDEEP

24576:ClafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+:iaANaRGRpuHetmGimZ

Score

7^/10

Malware Config

Targets

- Target
  
  4161363a46a136c7c520053b201cf138f75d4bfd6c8517f9ce3dcd7762858f3b
- Size
  
  1.0MB
- MD5
  
  f472e20c461fa18a68f8522a3c14427b
- SHA1
  
  b2751f692d637e912092633bfe5c0ed22bfe2155
- SHA256
  
  4161363a46a136c7c520053b201cf138f75d4bfd6c8517f9ce3dcd7762858f3b
- SHA512
  
  e9e314cecd76908b802c38221e0fbc0c52e4b72b8179c931e872bbddbc1a072065f388a3f7d4fa02c86250c2471644acfbf273cc57418cd999c7ffbfcefa7a81
- SSDEEP
  
  24576:ClafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+:iaANaRGRpuHetmGimZ
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2