1d13cc3991753612ba524afe2dbab9d7fd2f64d1766ba1c69c661130d1704599 | Triage

Sharing

General

Target

1d13cc3991753612ba524afe2dbab9d7fd2f64d1766ba1c69c661130d1704599
Size

1.1MB
Sample

221127-rm127sdc92
MD5

b45b855fa816f7859d92bee27c734a30
SHA1

f5cf5e605ea2853d08f6a087e4dabae2daf28275
SHA256

1d13cc3991753612ba524afe2dbab9d7fd2f64d1766ba1c69c661130d1704599
SHA512

cdd1b3ad2d91eebb91e3dcee501f27d8160f380a27d4db2e36ae76215c55a4fd8a9cd6bff3212d5291740f70cc317c626881d3f15df1d49b23c7e199c31f2674
SSDEEP

12288:vJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4S:vF7WXbqdUTmWK29ZY47EiLMYTHys

Score

7^/10

Malware Config

Targets

- Target
  
  1d13cc3991753612ba524afe2dbab9d7fd2f64d1766ba1c69c661130d1704599
- Size
  
  1.1MB
- MD5
  
  b45b855fa816f7859d92bee27c734a30
- SHA1
  
  f5cf5e605ea2853d08f6a087e4dabae2daf28275
- SHA256
  
  1d13cc3991753612ba524afe2dbab9d7fd2f64d1766ba1c69c661130d1704599
- SHA512
  
  cdd1b3ad2d91eebb91e3dcee501f27d8160f380a27d4db2e36ae76215c55a4fd8a9cd6bff3212d5291740f70cc317c626881d3f15df1d49b23c7e199c31f2674
- SSDEEP
  
  12288:vJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4S:vF7WXbqdUTmWK29ZY47EiLMYTHys
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2