b1d965880c928160e11c58937977093eec737f83dbd5090a8f1ac6f94cc6fd1d | Triage

Submit
Reports

Overview

overview

8

Static

static

8

b1d965880c...1d.exe

windows7-x64

8

b1d965880c...1d.exe

windows10-2004-x64

8

Sharing

General

Target

b1d965880c928160e11c58937977093eec737f83dbd5090a8f1ac6f94cc6fd1d
Size

1.3MB
Sample

221127-qrpz3abb55
MD5

81d4072a140f9a5debe0121cd2cf165d
SHA1

34de1311528f27335e6600db204eaaa834452e7a
SHA256

b1d965880c928160e11c58937977093eec737f83dbd5090a8f1ac6f94cc6fd1d
SHA512

eed8870f57946b83167c5aa74d9e18a4518664babd3c472455a4d6697423ef93b78e773bf78002a2a3557819d4f65de019fac14014291e00ca152a1e97572c61
SSDEEP

24576:5AAy23Cgs8SRqtgSmo64NmgDUCsLABeeUuSHUzY5IjqwI8IxOkz:5nyUTRSnSmo6dnzieeUuSKY5Ijqj8Ix

Score

8^/10

upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b1d965880c928160e11c58937977093eec737f83dbd5090a8f1ac6f94cc6fd1d.exe

Resource

win7-20220901-en

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

b1d965880c928160e11c58937977093eec737f83dbd5090a8f1ac6f94cc6fd1d.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  b1d965880c928160e11c58937977093eec737f83dbd5090a8f1ac6f94cc6fd1d
- Size
  
  1.3MB
- MD5
  
  81d4072a140f9a5debe0121cd2cf165d
- SHA1
  
  34de1311528f27335e6600db204eaaa834452e7a
- SHA256
  
  b1d965880c928160e11c58937977093eec737f83dbd5090a8f1ac6f94cc6fd1d
- SHA512
  
  eed8870f57946b83167c5aa74d9e18a4518664babd3c472455a4d6697423ef93b78e773bf78002a2a3557819d4f65de019fac14014291e00ca152a1e97572c61
- SSDEEP
  
  24576:5AAy23Cgs8SRqtgSmo64NmgDUCsLABeeUuSHUzY5IjqwI8IxOkz:5nyUTRSnSmo6dnzieeUuSKY5Ijqj8Ix
Score

8^/10

upx
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy