586b587260e39aeb883ed5c38876cc4eedeec4d50c6aff74efc0dbcac0d55907 | Triage

Sharing

General

Target

586b587260e39aeb883ed5c38876cc4eedeec4d50c6aff74efc0dbcac0d55907
Size

1.1MB
Sample

221127-q9z8racd64
MD5

d1b83fcf3c16921243cc50f403a1cd09
SHA1

9645c3262d3debd3085b19d2c8ccfb2017a5661d
SHA256

586b587260e39aeb883ed5c38876cc4eedeec4d50c6aff74efc0dbcac0d55907
SHA512

b4858e20c792040778b8755f7dbc184f928ce6f2effc8a2f626a5b0fb628a5fc5fc5392e4f11bd9292f65dea569da71bb3f1b604df323034e915bf69d4c5a416
SSDEEP

12288:rJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4Q:rF7WXbqdUTmWK29ZY47EiLMYTHyu

Score

7^/10

Malware Config

Targets

- Target
  
  586b587260e39aeb883ed5c38876cc4eedeec4d50c6aff74efc0dbcac0d55907
- Size
  
  1.1MB
- MD5
  
  d1b83fcf3c16921243cc50f403a1cd09
- SHA1
  
  9645c3262d3debd3085b19d2c8ccfb2017a5661d
- SHA256
  
  586b587260e39aeb883ed5c38876cc4eedeec4d50c6aff74efc0dbcac0d55907
- SHA512
  
  b4858e20c792040778b8755f7dbc184f928ce6f2effc8a2f626a5b0fb628a5fc5fc5392e4f11bd9292f65dea569da71bb3f1b604df323034e915bf69d4c5a416
- SSDEEP
  
  12288:rJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4Q:rF7WXbqdUTmWK29ZY47EiLMYTHyu
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2