529aa860a16732bcf565f9635d764149304387f1623eb60d43b1fca249e6f0a4 | Triage

Sharing

General

Target

529aa860a16732bcf565f9635d764149304387f1623eb60d43b1fca249e6f0a4
Size

41KB
Sample

221201-payefaab91
MD5

52a5a67421a1c891570698b292f132ae
SHA1

c06c3b258740da25d92d695986b3dde0d225308c
SHA256

529aa860a16732bcf565f9635d764149304387f1623eb60d43b1fca249e6f0a4
SHA512

db140be3efbba0539a82b0abc1053c94a48160f7982fa7e2d61fa39e12d5cc3778f758ff33c40176ff6bd22686a3e5cbaac9efe71df4e38f8f18a8687a7007b0
SSDEEP

384:Ex0yu2yXwqd3i0snUsHVOjMPBvAA15EaVet4y708rIfkvQpMmlHcEpKCEyZXa:Ex0Sund3i04JX5NeCy48Efk96HMCEGa

Score

7^/10

Malware Config

Targets

- Target
  
  529aa860a16732bcf565f9635d764149304387f1623eb60d43b1fca249e6f0a4
- Size
  
  41KB
- MD5
  
  52a5a67421a1c891570698b292f132ae
- SHA1
  
  c06c3b258740da25d92d695986b3dde0d225308c
- SHA256
  
  529aa860a16732bcf565f9635d764149304387f1623eb60d43b1fca249e6f0a4
- SHA512
  
  db140be3efbba0539a82b0abc1053c94a48160f7982fa7e2d61fa39e12d5cc3778f758ff33c40176ff6bd22686a3e5cbaac9efe71df4e38f8f18a8687a7007b0
- SSDEEP
  
  384:Ex0yu2yXwqd3i0snUsHVOjMPBvAA15EaVet4y708rIfkvQpMmlHcEpKCEyZXa:Ex0Sund3i04JX5NeCy48Efk96HMCEGa
Score

7^/10
- Deletes itself
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2