97b9d70659f54eebc20631ea842ba97badd8393ba27c239e8d4915754d7a3fb6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97b9d70659f54eebc20631ea842ba97badd8393ba27c239e8d4915754d7a3fb6
Size

29KB
Sample

221129-vzkgrsab73
MD5

2bf8405992b36d9464ba74ed795a5090
SHA1

b5ef11a02ffd1545eaa675f74a709c2a14079944
SHA256

97b9d70659f54eebc20631ea842ba97badd8393ba27c239e8d4915754d7a3fb6
SHA512

529688b5617e778c66b7fd8ec23f1282b7112c82b1989820d5a2f4065829f97c5e8b33d5883862de32e8e2c9bf2ed3fcdafe94429b2ec66f6a4194e3587d0974
SSDEEP

384:N9kNOe9hXmvw4f9+i2QhXI+T2anP5BDu8tN0HSAOwvZzONOqNMGqKDmnTU:N9e5XXmV9+Sr5hu8iNOMwq4Go

Score

6^/10

Malware Config

Targets

- Target
  
  97b9d70659f54eebc20631ea842ba97badd8393ba27c239e8d4915754d7a3fb6
- Size
  
  29KB
- MD5
  
  2bf8405992b36d9464ba74ed795a5090
- SHA1
  
  b5ef11a02ffd1545eaa675f74a709c2a14079944
- SHA256
  
  97b9d70659f54eebc20631ea842ba97badd8393ba27c239e8d4915754d7a3fb6
- SHA512
  
  529688b5617e778c66b7fd8ec23f1282b7112c82b1989820d5a2f4065829f97c5e8b33d5883862de32e8e2c9bf2ed3fcdafe94429b2ec66f6a4194e3587d0974
- SSDEEP
  
  384:N9kNOe9hXmvw4f9+i2QhXI+T2anP5BDu8tN0HSAOwvZzONOqNMGqKDmnTU:N9e5XXmV9+Sr5hu8iNOMwq4Go
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2