e23132de5489f8d85db28a6183081056e1f37081302317dbe5f464b08e2d8826 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e23132de5489f8d85db28a6183081056e1f37081302317dbe5f464b08e2d8826
Size

280KB
Sample

221127-wavf4sah3z
MD5

0ef4b3b2b24df1cadc604e6a3f5ac9fe
SHA1

0c1fbfefaee59eb4388b9a800b980affebb7346f
SHA256

e23132de5489f8d85db28a6183081056e1f37081302317dbe5f464b08e2d8826
SHA512

a14e3137ecdff82270fb05ff8feea4041ad706bf2a43df56e95f0cb71499c3d13a8e0583844578ab2620545eb171d7ce450d7c9b975ed8682734d075657a33df
SSDEEP

6144:dSmtkRnx0kiM07nBgfny9JYck4w6b8X2O51z3c1:smS5OkiM0efnco4JYtXzs1

Score

6^/10

Malware Config

Targets

- Target
  
  e23132de5489f8d85db28a6183081056e1f37081302317dbe5f464b08e2d8826
- Size
  
  280KB
- MD5
  
  0ef4b3b2b24df1cadc604e6a3f5ac9fe
- SHA1
  
  0c1fbfefaee59eb4388b9a800b980affebb7346f
- SHA256
  
  e23132de5489f8d85db28a6183081056e1f37081302317dbe5f464b08e2d8826
- SHA512
  
  a14e3137ecdff82270fb05ff8feea4041ad706bf2a43df56e95f0cb71499c3d13a8e0583844578ab2620545eb171d7ce450d7c9b975ed8682734d075657a33df
- SSDEEP
  
  6144:dSmtkRnx0kiM07nBgfny9JYck4w6b8X2O51z3c1:smS5OkiM0efnco4JYtXzs1
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2