0996c61d41b7dd407941c024461f76ab2875a77d2cb271380dc727350cb9cc6a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0996c61d41b7dd407941c024461f76ab2875a77d2cb271380dc727350cb9cc6a
Size

1.1MB
Sample

221127-rrygwahd6s
MD5

a0d5aac930f3a7b1e73298adb8f86f1b
SHA1

d5803cb05b158e4920ac2072a322763a7f0dc539
SHA256

0996c61d41b7dd407941c024461f76ab2875a77d2cb271380dc727350cb9cc6a
SHA512

75185834928073071fbf9cd2cc826851b0c95da247b86ca67e1c732221154ceb6eb76283805d4194674aa39ba7de601a1639cad34185af200c90c0c9021a1ba8
SSDEEP

12288:URecnV4R0MA7najOoalUAZZz6DyyWfiAAMu8GCJYkEno4CUdUKGNa4zLKY6iTcol:UrEEVZuFW5hVJbEnoQ9VukiTdwaOw

Score

7^/10

Malware Config

Targets

- Target
  
  0996c61d41b7dd407941c024461f76ab2875a77d2cb271380dc727350cb9cc6a
- Size
  
  1.1MB
- MD5
  
  a0d5aac930f3a7b1e73298adb8f86f1b
- SHA1
  
  d5803cb05b158e4920ac2072a322763a7f0dc539
- SHA256
  
  0996c61d41b7dd407941c024461f76ab2875a77d2cb271380dc727350cb9cc6a
- SHA512
  
  75185834928073071fbf9cd2cc826851b0c95da247b86ca67e1c732221154ceb6eb76283805d4194674aa39ba7de601a1639cad34185af200c90c0c9021a1ba8
- SSDEEP
  
  12288:URecnV4R0MA7najOoalUAZZz6DyyWfiAAMu8GCJYkEno4CUdUKGNa4zLKY6iTcol:UrEEVZuFW5hVJbEnoQ9VukiTdwaOw
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2