5a30479acaee5da1fb0f422b8cbb094913c37c29416fcad9cca040ffdef72900 | Triage

Sharing

General

Target

5a30479acaee5da1fb0f422b8cbb094913c37c29416fcad9cca040ffdef72900
Size

38KB
Sample

221201-3mjnpscd99
MD5

d84fa70978f1be66614d0a76046d460f
SHA1

dc41904a476232f44b4f4b0b95b4b21f23704af4
SHA256

5a30479acaee5da1fb0f422b8cbb094913c37c29416fcad9cca040ffdef72900
SHA512

28a3faeb59e1510d06de61051bdf31df2aced2266071b60e38910a2f19a1cadaa746679db21a53ea9fcd2ec22fd23219cbf4a404857505d2dd7f5da8c9dbecb3
SSDEEP

768:gWRyq868R8Z8s888m8E8Qvl7Ihli+iHRyJywLUwWavnL5sAmDRTfG5F5SX406Pvy:gWcqzq+5hRpfvl7Ihli+Ay/RXv2AmDRT

Score

7^/10

Malware Config

Targets

- Target
  
  5a30479acaee5da1fb0f422b8cbb094913c37c29416fcad9cca040ffdef72900
- Size
  
  38KB
- MD5
  
  d84fa70978f1be66614d0a76046d460f
- SHA1
  
  dc41904a476232f44b4f4b0b95b4b21f23704af4
- SHA256
  
  5a30479acaee5da1fb0f422b8cbb094913c37c29416fcad9cca040ffdef72900
- SHA512
  
  28a3faeb59e1510d06de61051bdf31df2aced2266071b60e38910a2f19a1cadaa746679db21a53ea9fcd2ec22fd23219cbf4a404857505d2dd7f5da8c9dbecb3
- SSDEEP
  
  768:gWRyq868R8Z8s888m8E8Qvl7Ihli+iHRyJywLUwWavnL5sAmDRTfG5F5SX406Pvy:gWcqzq+5hRpfvl7Ihli+Ay/RXv2AmDRT
Score

7^/10
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2