cdbe80a5768606213c4722b15e2a6060f9a4118e18a4d54a274bdbef14d0a037 | Triage

Sharing

General

Target

cdbe80a5768606213c4722b15e2a6060f9a4118e18a4d54a274bdbef14d0a037
Size

1.1MB
Sample

221127-qk85csec6w
MD5

6cb29055859ecfcdbd7ef433db11171a
SHA1

828560085a9506a84803c8ef28ad08b10711e4c2
SHA256

cdbe80a5768606213c4722b15e2a6060f9a4118e18a4d54a274bdbef14d0a037
SHA512

b9b9e31cb636500db3344f2abff20507efa8e702d78683faf47a533830be1a873171a719050edf26a64b11e7fa965b7b3eda24708ee0ca2b5e258097bdf79f8d
SSDEEP

24576:488FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wW:48fRbE2VolvZW

Score

7^/10

Malware Config

Targets

- Target
  
  cdbe80a5768606213c4722b15e2a6060f9a4118e18a4d54a274bdbef14d0a037
- Size
  
  1.1MB
- MD5
  
  6cb29055859ecfcdbd7ef433db11171a
- SHA1
  
  828560085a9506a84803c8ef28ad08b10711e4c2
- SHA256
  
  cdbe80a5768606213c4722b15e2a6060f9a4118e18a4d54a274bdbef14d0a037
- SHA512
  
  b9b9e31cb636500db3344f2abff20507efa8e702d78683faf47a533830be1a873171a719050edf26a64b11e7fa965b7b3eda24708ee0ca2b5e258097bdf79f8d
- SSDEEP
  
  24576:488FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wW:48fRbE2VolvZW
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2