aff2a4b25f477067e8ca7d34691b73dc9ab9ac7b5a1d1c69e634c8a61f1cd300 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aff2a4b25f477067e8ca7d34691b73dc9ab9ac7b5a1d1c69e634c8a61f1cd300
Size

1.0MB
Sample

221127-qr13bseg4y
MD5

2572f51c3431f36a542d86913f67d42d
SHA1

0e4ada330959724a309c88f81b4bc5bae05cd78a
SHA256

aff2a4b25f477067e8ca7d34691b73dc9ab9ac7b5a1d1c69e634c8a61f1cd300
SHA512

1ac490b490f89a8c0a34ababf8d4e3f52fa4862159de28196b2f6fb7261739a5fc1201bdf4b6f4d0b4bc36bf0c7683ebd40bc54742ae7bbe16f258b93dfe6bc6
SSDEEP

24576:w0BfZ15Scs4mUj79qPiqn7yauT/asgd0tp8A4:w0guUuT/asgUU

Score

7^/10

Malware Config

Targets

- Target
  
  aff2a4b25f477067e8ca7d34691b73dc9ab9ac7b5a1d1c69e634c8a61f1cd300
- Size
  
  1.0MB
- MD5
  
  2572f51c3431f36a542d86913f67d42d
- SHA1
  
  0e4ada330959724a309c88f81b4bc5bae05cd78a
- SHA256
  
  aff2a4b25f477067e8ca7d34691b73dc9ab9ac7b5a1d1c69e634c8a61f1cd300
- SHA512
  
  1ac490b490f89a8c0a34ababf8d4e3f52fa4862159de28196b2f6fb7261739a5fc1201bdf4b6f4d0b4bc36bf0c7683ebd40bc54742ae7bbe16f258b93dfe6bc6
- SSDEEP
  
  24576:w0BfZ15Scs4mUj79qPiqn7yauT/asgd0tp8A4:w0guUuT/asgUU
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2