04a974b4d3c28050898acd33870beaa644ec4a92dde874fe86d96f1aaaf9e448 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04a974b4d3c28050898acd33870beaa644ec4a92dde874fe86d96f1aaaf9e448
Size

1.0MB
Sample

221127-keregace93
MD5

6ff98c9776ed43e31d1da354e5827231
SHA1

08052470e16bee733484586393b2057b30f26072
SHA256

04a974b4d3c28050898acd33870beaa644ec4a92dde874fe86d96f1aaaf9e448
SHA512

cd37cd34594d19ebcf12780a33a89a401e11342255c8c85315e4818bef57bfba02a07837ca831ffcb7ec3f49703f09898dec8996268d395a3b4017f4e79a95c0
SSDEEP

24576:ilafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+:CaANaRGRpuHetmGimZ

Score

7^/10

Malware Config

Targets

- Target
  
  04a974b4d3c28050898acd33870beaa644ec4a92dde874fe86d96f1aaaf9e448
- Size
  
  1.0MB
- MD5
  
  6ff98c9776ed43e31d1da354e5827231
- SHA1
  
  08052470e16bee733484586393b2057b30f26072
- SHA256
  
  04a974b4d3c28050898acd33870beaa644ec4a92dde874fe86d96f1aaaf9e448
- SHA512
  
  cd37cd34594d19ebcf12780a33a89a401e11342255c8c85315e4818bef57bfba02a07837ca831ffcb7ec3f49703f09898dec8996268d395a3b4017f4e79a95c0
- SSDEEP
  
  24576:ilafNPaNMDJOpKROZRpulZBVOkeOLimGHCmO+:CaANaRGRpuHetmGimZ
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2