20518b975ea49a9a6acdeeebfe5eb4f4cff1cc78bcf1b65b0636a2da1d0221c6 | Triage

Sharing

General

Target

20518b975ea49a9a6acdeeebfe5eb4f4cff1cc78bcf1b65b0636a2da1d0221c6
Size

1.1MB
Sample

221127-rl5n1aha5z
MD5

1deef48211629a3034b24c041a219673
SHA1

7c718c9cee16b490a5f93e4199927c943b802278
SHA256

20518b975ea49a9a6acdeeebfe5eb4f4cff1cc78bcf1b65b0636a2da1d0221c6
SHA512

699273a499b8297c662a0d6167135d7801dd3b0b23d0fc28f16c2395d0a774b188539afdd88d0dae22bab73124f8e87ae56cc595e378b79c6f8bca909fbb1b48
SSDEEP

24576:488FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wW:48fRbE2VolvZW

Score

7^/10

Malware Config

Targets

- Target
  
  20518b975ea49a9a6acdeeebfe5eb4f4cff1cc78bcf1b65b0636a2da1d0221c6
- Size
  
  1.1MB
- MD5
  
  1deef48211629a3034b24c041a219673
- SHA1
  
  7c718c9cee16b490a5f93e4199927c943b802278
- SHA256
  
  20518b975ea49a9a6acdeeebfe5eb4f4cff1cc78bcf1b65b0636a2da1d0221c6
- SHA512
  
  699273a499b8297c662a0d6167135d7801dd3b0b23d0fc28f16c2395d0a774b188539afdd88d0dae22bab73124f8e87ae56cc595e378b79c6f8bca909fbb1b48
- SSDEEP
  
  24576:488FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wW:48fRbE2VolvZW
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2