ada636e45c76a75b42a4421e1f60e0f0b3525ce9170a199a8b18b8b7ee11c4b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ada636e45c76a75b42a4421e1f60e0f0b3525ce9170a199a8b18b8b7ee11c4b0
Size

1.1MB
Sample

221128-ajq96aab78
MD5

12015b6c6fc36f15d0e2383dd18b06c2
SHA1

f89cc552ec9dd3a922a2a4c022da565a6ee894cd
SHA256

ada636e45c76a75b42a4421e1f60e0f0b3525ce9170a199a8b18b8b7ee11c4b0
SHA512

6025373d1db8866001ac4695596578e69b9fd55ad62ff6fa33a06fd8f301d7482091bb169e4b2e747d203b13310ed305882cfd0d532c1ff380f4ab92de9156d3
SSDEEP

24576:RpzaucfNArAjuzOc2X/7aMGutOMIymshUVgrWvfxkE6N:RpzjnMju39Mx8vyfhUVgRBN

Score

7^/10

Malware Config

Targets

- Target
  
  ada636e45c76a75b42a4421e1f60e0f0b3525ce9170a199a8b18b8b7ee11c4b0
- Size
  
  1.1MB
- MD5
  
  12015b6c6fc36f15d0e2383dd18b06c2
- SHA1
  
  f89cc552ec9dd3a922a2a4c022da565a6ee894cd
- SHA256
  
  ada636e45c76a75b42a4421e1f60e0f0b3525ce9170a199a8b18b8b7ee11c4b0
- SHA512
  
  6025373d1db8866001ac4695596578e69b9fd55ad62ff6fa33a06fd8f301d7482091bb169e4b2e747d203b13310ed305882cfd0d532c1ff380f4ab92de9156d3
- SSDEEP
  
  24576:RpzaucfNArAjuzOc2X/7aMGutOMIymshUVgrWvfxkE6N:RpzjnMju39Mx8vyfhUVgRBN
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2