bc7bf8062046d487f62f6fafbb5ee243ea3d2a301a0b6fcd8b4c60f1c02de3e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc7bf8062046d487f62f6fafbb5ee243ea3d2a301a0b6fcd8b4c60f1c02de3e0
Size

1.1MB
Sample

221127-qpsyyaba37
MD5

14043b9e0b5cd5ede4865ed1ab2808a9
SHA1

1033698e5c2775f1fe21ebaf38cd1e9e8916d07a
SHA256

bc7bf8062046d487f62f6fafbb5ee243ea3d2a301a0b6fcd8b4c60f1c02de3e0
SHA512

139e9911c40f4effe6fd179da5efeeba0062d3fde0822072a664b7219217efc78087d7b1c66b86dda0f72beb3b3c90a9384f9a56d8bff1873df30efbc82ba15c
SSDEEP

24576:W88FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wWL:W8fRbE2VolvZWL

Score

7^/10

Malware Config

Targets

- Target
  
  bc7bf8062046d487f62f6fafbb5ee243ea3d2a301a0b6fcd8b4c60f1c02de3e0
- Size
  
  1.1MB
- MD5
  
  14043b9e0b5cd5ede4865ed1ab2808a9
- SHA1
  
  1033698e5c2775f1fe21ebaf38cd1e9e8916d07a
- SHA256
  
  bc7bf8062046d487f62f6fafbb5ee243ea3d2a301a0b6fcd8b4c60f1c02de3e0
- SHA512
  
  139e9911c40f4effe6fd179da5efeeba0062d3fde0822072a664b7219217efc78087d7b1c66b86dda0f72beb3b3c90a9384f9a56d8bff1873df30efbc82ba15c
- SSDEEP
  
  24576:W88FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wWL:W8fRbE2VolvZWL
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2