1716ed0b7d7f2052264716352f05609e10c0dd6f9e2de97909a2b8c85ecee5aa | Triage

Sharing

General

Target

1716ed0b7d7f2052264716352f05609e10c0dd6f9e2de97909a2b8c85ecee5aa
Size

1.1MB
Sample

221127-rn92hahb8w
MD5

b77bffa5395cfd0039d0c452b3942d69
SHA1

bb8d0ddf8e629f66d92ee574c5c7e1af5b7a1486
SHA256

1716ed0b7d7f2052264716352f05609e10c0dd6f9e2de97909a2b8c85ecee5aa
SHA512

aac86b712117d8f6609470c578c85beedb6e5e0e18ac7e466de9f713e7c1fdfb6b334929d71e71835d8abac3e077870ef0f601eb58f6aad940dbc871551f5bf8
SSDEEP

12288:7J84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4s:7F7WXbqdUTmWK29ZY47EiLMYTHyW

Score

7^/10

Malware Config

Targets

- Target
  
  1716ed0b7d7f2052264716352f05609e10c0dd6f9e2de97909a2b8c85ecee5aa
- Size
  
  1.1MB
- MD5
  
  b77bffa5395cfd0039d0c452b3942d69
- SHA1
  
  bb8d0ddf8e629f66d92ee574c5c7e1af5b7a1486
- SHA256
  
  1716ed0b7d7f2052264716352f05609e10c0dd6f9e2de97909a2b8c85ecee5aa
- SHA512
  
  aac86b712117d8f6609470c578c85beedb6e5e0e18ac7e466de9f713e7c1fdfb6b334929d71e71835d8abac3e077870ef0f601eb58f6aad940dbc871551f5bf8
- SSDEEP
  
  12288:7J84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4s:7F7WXbqdUTmWK29ZY47EiLMYTHyW
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2