814b9cb09b171a6bd738f568483942b9ba02aeb1373c0e08d9afd9f0eba0606d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

814b9cb09b171a6bd738f568483942b9ba02aeb1373c0e08d9afd9f0eba0606d
Size

1.1MB
Sample

221127-q114pafd7x
MD5

4522371a1701a0b20e6a2577460345a4
SHA1

5a193457a61196a44ac417f5fa2a857d3d4e9ad4
SHA256

814b9cb09b171a6bd738f568483942b9ba02aeb1373c0e08d9afd9f0eba0606d
SHA512

d75d472f7e59d2c1740e341a9ae371468b719dc5e08be0dbc4594059571121ee92ee3c6085be4aace99c52f5e562f3b8b19053a6ea890c763cb2f938de537c88
SSDEEP

12288:bJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny41:bF7WXbqdUTmWK29ZY47EiLMYTHyj

Score

7^/10

Malware Config

Targets

- Target
  
  814b9cb09b171a6bd738f568483942b9ba02aeb1373c0e08d9afd9f0eba0606d
- Size
  
  1.1MB
- MD5
  
  4522371a1701a0b20e6a2577460345a4
- SHA1
  
  5a193457a61196a44ac417f5fa2a857d3d4e9ad4
- SHA256
  
  814b9cb09b171a6bd738f568483942b9ba02aeb1373c0e08d9afd9f0eba0606d
- SHA512
  
  d75d472f7e59d2c1740e341a9ae371468b719dc5e08be0dbc4594059571121ee92ee3c6085be4aace99c52f5e562f3b8b19053a6ea890c763cb2f938de537c88
- SSDEEP
  
  12288:bJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny41:bF7WXbqdUTmWK29ZY47EiLMYTHyj
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2