5d354bd444f3c229e99070793f67c76fb97e8a47e79256c9187dc436492019f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d354bd444f3c229e99070793f67c76fb97e8a47e79256c9187dc436492019f6
Size

1.5MB
Sample

221129-s5d6tscf55
MD5

f0572bad2fdd3a14656941971f13d947
SHA1

fb7f534bbf79e86f238aa18ea7a788f7c14d30a7
SHA256

5d354bd444f3c229e99070793f67c76fb97e8a47e79256c9187dc436492019f6
SHA512

7609f4fc5759e584e8e1ebb90ea77d3f3e295b9038dba51f037a4c684f3ed7a1f90e4f176882b4fde2a233f6c2cb11041698ab4a75f45bef68d7ad7369df4557
SSDEEP

24576:cwYbrMZLNuobtAaRDIcm+Em8MZB6F2mdaJkzklByxODvlwUSySvhmVchBpCo:dYsbtAmDDZEFMNAklo+vlwUbSvhmIp5

Score

7^/10

Malware Config

Targets

- Target
  
  5d354bd444f3c229e99070793f67c76fb97e8a47e79256c9187dc436492019f6
- Size
  
  1.5MB
- MD5
  
  f0572bad2fdd3a14656941971f13d947
- SHA1
  
  fb7f534bbf79e86f238aa18ea7a788f7c14d30a7
- SHA256
  
  5d354bd444f3c229e99070793f67c76fb97e8a47e79256c9187dc436492019f6
- SHA512
  
  7609f4fc5759e584e8e1ebb90ea77d3f3e295b9038dba51f037a4c684f3ed7a1f90e4f176882b4fde2a233f6c2cb11041698ab4a75f45bef68d7ad7369df4557
- SSDEEP
  
  24576:cwYbrMZLNuobtAaRDIcm+Em8MZB6F2mdaJkzklByxODvlwUSySvhmVchBpCo:dYsbtAmDDZEFMNAklo+vlwUbSvhmIp5
Score

7^/10
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2