12a42255f4cf878169113afb320a1d53d57f3262860403125cfdeacdd63e0d0c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12a42255f4cf878169113afb320a1d53d57f3262860403125cfdeacdd63e0d0c
Size

1.1MB
Sample

221127-rp5s6shc5s
MD5

8d029b728f1c832b3eca66b888a7b91b
SHA1

3332d218f23b2d9a94f6f53e7291b4cb9c1d1493
SHA256

12a42255f4cf878169113afb320a1d53d57f3262860403125cfdeacdd63e0d0c
SHA512

65dbbc3a3a5c087fdf82126264f40acaa37f905f8d53da14de6532a5a5f8be674014165dbfc8e32d7da13f85bb42788967d60422c57e3c17c1b781a792e87161
SSDEEP

12288:bJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4j:bF7WXbqdUTmWK29ZY47EiLMYTHy9

Score

7^/10

Malware Config

Targets

- Target
  
  12a42255f4cf878169113afb320a1d53d57f3262860403125cfdeacdd63e0d0c
- Size
  
  1.1MB
- MD5
  
  8d029b728f1c832b3eca66b888a7b91b
- SHA1
  
  3332d218f23b2d9a94f6f53e7291b4cb9c1d1493
- SHA256
  
  12a42255f4cf878169113afb320a1d53d57f3262860403125cfdeacdd63e0d0c
- SHA512
  
  65dbbc3a3a5c087fdf82126264f40acaa37f905f8d53da14de6532a5a5f8be674014165dbfc8e32d7da13f85bb42788967d60422c57e3c17c1b781a792e87161
- SSDEEP
  
  12288:bJ84D/9Hfe6rfTJ6Lt8urB7Nj6fsfqdm7pTTCIu0EuG2a18RzY47E9ELluv9Ny4j:bF7WXbqdUTmWK29ZY47EiLMYTHy9
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2