e6f26c104633145bb9ebdd39deea4cbab9576397daa69d82e497238cf8fd4c89 | Triage

Sharing

General

Target

e6f26c104633145bb9ebdd39deea4cbab9576397daa69d82e497238cf8fd4c89
Size

1.1MB
Sample

221127-qe5vradh6x
MD5

77f4ce5f467e51897dc417f49f14d1bf
SHA1

fd73eb729fb4ad85fd9050ae469e85985aa07998
SHA256

e6f26c104633145bb9ebdd39deea4cbab9576397daa69d82e497238cf8fd4c89
SHA512

2547f50552ebbea03855bc55bc476b767a8270746dc556f57781a9705aa5a04dae8b396d192af16da18b15b28e414dc29b7c44dae8bb6d72a264666440dcf413
SSDEEP

12288:LJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4C:LF7WXbqdUTmWK29ZY47EiLMYTHy

Score

7^/10

Malware Config

Targets

- Target
  
  e6f26c104633145bb9ebdd39deea4cbab9576397daa69d82e497238cf8fd4c89
- Size
  
  1.1MB
- MD5
  
  77f4ce5f467e51897dc417f49f14d1bf
- SHA1
  
  fd73eb729fb4ad85fd9050ae469e85985aa07998
- SHA256
  
  e6f26c104633145bb9ebdd39deea4cbab9576397daa69d82e497238cf8fd4c89
- SHA512
  
  2547f50552ebbea03855bc55bc476b767a8270746dc556f57781a9705aa5a04dae8b396d192af16da18b15b28e414dc29b7c44dae8bb6d72a264666440dcf413
- SSDEEP
  
  12288:LJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4C:LF7WXbqdUTmWK29ZY47EiLMYTHy
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2