1ce6823fa24c461c87e8b6a6a35377b8cb91172da8feff782264b9bbff07e1f2 | Triage

Sharing

General

Target

1ce6823fa24c461c87e8b6a6a35377b8cb91172da8feff782264b9bbff07e1f2
Size

1.1MB
Sample

221127-rm37kahb2w
MD5

e8b8eef956719c28d2a9a3c357bf3794
SHA1

1445bf839261435336913c26f84f94c6a4d8dfb0
SHA256

1ce6823fa24c461c87e8b6a6a35377b8cb91172da8feff782264b9bbff07e1f2
SHA512

54a4e300bc41cd5abd7cfa49a2b1a44ccf2d475a8a0f966ba686b5fe42a60fdd1b0c2f26496c1d91df008762a6585bcf80dadccdab39621d525637e41c79f953
SSDEEP

12288:PJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4N:PF7WXbqdUTmWK29ZY47EiLMYTHy7

Score

7^/10

Malware Config

Targets

- Target
  
  1ce6823fa24c461c87e8b6a6a35377b8cb91172da8feff782264b9bbff07e1f2
- Size
  
  1.1MB
- MD5
  
  e8b8eef956719c28d2a9a3c357bf3794
- SHA1
  
  1445bf839261435336913c26f84f94c6a4d8dfb0
- SHA256
  
  1ce6823fa24c461c87e8b6a6a35377b8cb91172da8feff782264b9bbff07e1f2
- SHA512
  
  54a4e300bc41cd5abd7cfa49a2b1a44ccf2d475a8a0f966ba686b5fe42a60fdd1b0c2f26496c1d91df008762a6585bcf80dadccdab39621d525637e41c79f953
- SSDEEP
  
  12288:PJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4N:PF7WXbqdUTmWK29ZY47EiLMYTHy7
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2