06ef1ae9ea733ab193abf5bd19ec25477a0fb765fd69958aa504f355ff55969c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06ef1ae9ea733ab193abf5bd19ec25477a0fb765fd69958aa504f355ff55969c
Size

82KB
Sample

221129-t1pmfaeh84
MD5

313f2ff6a3e708653ffc4cb6e33e862f
SHA1

331006319b2244c2b0724b2ed9ed3f34d8ffac88
SHA256

06ef1ae9ea733ab193abf5bd19ec25477a0fb765fd69958aa504f355ff55969c
SHA512

bc4f7316ce16f3e273f4820d97e820b43259aefe55c54400af035ea29efc0fb45fcd4bd3ef0fa2f004a30403898ab8a3b773407d70eeb6e3413c89c57a36d3d9
SSDEEP

1536:fX+bwmMmDb79loOfRdYROLduV/8UOWLtiPHzQZosIL:fubwmMmDb79loOfRmOL+8pPfzGIL

Score

6^/10

Malware Config

Targets

- Target
  
  06ef1ae9ea733ab193abf5bd19ec25477a0fb765fd69958aa504f355ff55969c
- Size
  
  82KB
- MD5
  
  313f2ff6a3e708653ffc4cb6e33e862f
- SHA1
  
  331006319b2244c2b0724b2ed9ed3f34d8ffac88
- SHA256
  
  06ef1ae9ea733ab193abf5bd19ec25477a0fb765fd69958aa504f355ff55969c
- SHA512
  
  bc4f7316ce16f3e273f4820d97e820b43259aefe55c54400af035ea29efc0fb45fcd4bd3ef0fa2f004a30403898ab8a3b773407d70eeb6e3413c89c57a36d3d9
- SSDEEP
  
  1536:fX+bwmMmDb79loOfRdYROLduV/8UOWLtiPHzQZosIL:fubwmMmDb79loOfRmOL+8pPfzGIL
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2