672a819c46ba648ea2ed982fb03a3393263a02a7a185d75a0895dfedd67b52e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

672a819c46ba648ea2ed982fb03a3393263a02a7a185d75a0895dfedd67b52e9
Size

1.1MB
Sample

221127-q7b35sfh6t
MD5

a839f776ee7530e6103af8bed948e5f1
SHA1

91ffc80576d8d6236bc902a1803bd43bcf470c50
SHA256

672a819c46ba648ea2ed982fb03a3393263a02a7a185d75a0895dfedd67b52e9
SHA512

a1dc51335803777f746b6a46747201c160f873a7936f97885b453d17b657739a5d6c6899022317938a513108414d50135a6afe07b4d878014e7a0771297ccc84
SSDEEP

24576:488FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wW:48fRbE2VolvZW

Score

7^/10

Malware Config

Targets

- Target
  
  672a819c46ba648ea2ed982fb03a3393263a02a7a185d75a0895dfedd67b52e9
- Size
  
  1.1MB
- MD5
  
  a839f776ee7530e6103af8bed948e5f1
- SHA1
  
  91ffc80576d8d6236bc902a1803bd43bcf470c50
- SHA256
  
  672a819c46ba648ea2ed982fb03a3393263a02a7a185d75a0895dfedd67b52e9
- SHA512
  
  a1dc51335803777f746b6a46747201c160f873a7936f97885b453d17b657739a5d6c6899022317938a513108414d50135a6afe07b4d878014e7a0771297ccc84
- SSDEEP
  
  24576:488FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wW:48fRbE2VolvZW
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2