0619bd56672d9c0e844cc6219a5d348ccb948706daf9716d6b71cc24932dc7ba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0619bd56672d9c0e844cc6219a5d348ccb948706daf9716d6b71cc24932dc7ba
Size

1.1MB
Sample

221127-rssm1sdf85
MD5

d35fe4096a4b8f82f26c5c7387e978fb
SHA1

a8b1201dfcf19efcf8f5f625b31c055ce1cb4e85
SHA256

0619bd56672d9c0e844cc6219a5d348ccb948706daf9716d6b71cc24932dc7ba
SHA512

4031d7629631da1c0ccc85284515f5a3ae47b46699a55e5bc0d962fcb9e3d08c6393306ba4502f538a109f257e40a9e9df5ac7defd7f8bd25fa436d3ef375868
SSDEEP

12288:URecnV4R0MA7najOoalUAZZz6DyyWfiAAMu8GCJYkEno4CUdUKGNa4zLKY6iTcox:UrEEVZuFW5hVJbEnoQ9VukiTdwaOjo

Score

7^/10

Malware Config

Targets

- Target
  
  0619bd56672d9c0e844cc6219a5d348ccb948706daf9716d6b71cc24932dc7ba
- Size
  
  1.1MB
- MD5
  
  d35fe4096a4b8f82f26c5c7387e978fb
- SHA1
  
  a8b1201dfcf19efcf8f5f625b31c055ce1cb4e85
- SHA256
  
  0619bd56672d9c0e844cc6219a5d348ccb948706daf9716d6b71cc24932dc7ba
- SHA512
  
  4031d7629631da1c0ccc85284515f5a3ae47b46699a55e5bc0d962fcb9e3d08c6393306ba4502f538a109f257e40a9e9df5ac7defd7f8bd25fa436d3ef375868
- SSDEEP
  
  12288:URecnV4R0MA7najOoalUAZZz6DyyWfiAAMu8GCJYkEno4CUdUKGNa4zLKY6iTcox:UrEEVZuFW5hVJbEnoQ9VukiTdwaOjo
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2