d26ef2542e53db2145408f1c32b10db2ca3711e434f97207d0a5e7d33477fd51 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d26ef2542e53db2145408f1c32b10db2ca3711e434f97207d0a5e7d33477fd51
Size

1.1MB
Sample

221127-qkalssaf49
MD5

24491a7f2cb9480c818d949ee5ec7fe6
SHA1

2bde6a303549973733fbcbf0aeb7d2230ece9000
SHA256

d26ef2542e53db2145408f1c32b10db2ca3711e434f97207d0a5e7d33477fd51
SHA512

e95a81883dbdb0dbd454033f7a734085a1aae78e75d1893d75575e3212ace9c5934bf225df712349cd56963f6c3ef8072f875ab79f8a8f8143a47c85817fec7d
SSDEEP

12288:fJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4d:fF7WXbqdUTmWK29ZY47EiLMYTHy/

Score

7^/10

Malware Config

Targets

- Target
  
  d26ef2542e53db2145408f1c32b10db2ca3711e434f97207d0a5e7d33477fd51
- Size
  
  1.1MB
- MD5
  
  24491a7f2cb9480c818d949ee5ec7fe6
- SHA1
  
  2bde6a303549973733fbcbf0aeb7d2230ece9000
- SHA256
  
  d26ef2542e53db2145408f1c32b10db2ca3711e434f97207d0a5e7d33477fd51
- SHA512
  
  e95a81883dbdb0dbd454033f7a734085a1aae78e75d1893d75575e3212ace9c5934bf225df712349cd56963f6c3ef8072f875ab79f8a8f8143a47c85817fec7d
- SSDEEP
  
  12288:fJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4d:fF7WXbqdUTmWK29ZY47EiLMYTHy/
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2