17ae4f195f459ac17da18912f5672bace350db27231fabdabd5eb1060f8668f2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17ae4f195f459ac17da18912f5672bace350db27231fabdabd5eb1060f8668f2
Size

1.1MB
Sample

221127-rn3x7add65
MD5

7c3e80a90acac5959ad4a74bd1f44ba8
SHA1

3b5826078b7b9e20d24e5e85544978c8c22eafdb
SHA256

17ae4f195f459ac17da18912f5672bace350db27231fabdabd5eb1060f8668f2
SHA512

5666049f93f39cf9f27a77b9ea3eac0183531268ba7dc74dd92cdfb848d6bc3121d09b53a035059029ff7131ee0abad7a0439fd4a8956ccf95f9cbfd5831082b
SSDEEP

24576:488FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wW:48fRbE2VolvZW

Score

7^/10

Malware Config

Targets

- Target
  
  17ae4f195f459ac17da18912f5672bace350db27231fabdabd5eb1060f8668f2
- Size
  
  1.1MB
- MD5
  
  7c3e80a90acac5959ad4a74bd1f44ba8
- SHA1
  
  3b5826078b7b9e20d24e5e85544978c8c22eafdb
- SHA256
  
  17ae4f195f459ac17da18912f5672bace350db27231fabdabd5eb1060f8668f2
- SHA512
  
  5666049f93f39cf9f27a77b9ea3eac0183531268ba7dc74dd92cdfb848d6bc3121d09b53a035059029ff7131ee0abad7a0439fd4a8956ccf95f9cbfd5831082b
- SSDEEP
  
  24576:488FqvRKoPw8NEx4VmPmsDx7Gk+Reb0wW:48fRbE2VolvZW
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2