3b7879e445da412de727edc7e0db9bf82452acaec69efd4eeaad5d14af53dd2d | Triage

Sharing

General

Target

3b7879e445da412de727edc7e0db9bf82452acaec69efd4eeaad5d14af53dd2d
Size

1.1MB
Sample

221127-rfaxfage7x
MD5

bf7314cd2cecd87f5d651f66c713f7cd
SHA1

35424893d03f7d87bfc7137c5e96641580aead67
SHA256

3b7879e445da412de727edc7e0db9bf82452acaec69efd4eeaad5d14af53dd2d
SHA512

6eeed2bfe17ac7bb23a9547319b3748427e487c6182a78f06b2d81b557ca2789b961ae4a5b64f2f807d9fb79b6e1cf5ea91846db7d87a1345c4eb99fcd5ae89e
SSDEEP

24576:I88FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wW:I8fRbE2VolvZW

Score

7^/10

Malware Config

Targets

- Target
  
  3b7879e445da412de727edc7e0db9bf82452acaec69efd4eeaad5d14af53dd2d
- Size
  
  1.1MB
- MD5
  
  bf7314cd2cecd87f5d651f66c713f7cd
- SHA1
  
  35424893d03f7d87bfc7137c5e96641580aead67
- SHA256
  
  3b7879e445da412de727edc7e0db9bf82452acaec69efd4eeaad5d14af53dd2d
- SHA512
  
  6eeed2bfe17ac7bb23a9547319b3748427e487c6182a78f06b2d81b557ca2789b961ae4a5b64f2f807d9fb79b6e1cf5ea91846db7d87a1345c4eb99fcd5ae89e
- SSDEEP
  
  24576:I88FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wW:I8fRbE2VolvZW
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2