931f4a38ea928a07072477e72f0b552879bd1a99ead3672bf4ea8ca88f8da3e2 | Triage

Sharing

General

Target

931f4a38ea928a07072477e72f0b552879bd1a99ead3672bf4ea8ca88f8da3e2
Size

44KB
Sample

221202-zgvl8sfh6x
MD5

70f27b4ad439e0c1ee56a000a5b2ced0
SHA1

cf597ca5a502619989ff59c8226fafbe66f89a64
SHA256

931f4a38ea928a07072477e72f0b552879bd1a99ead3672bf4ea8ca88f8da3e2
SHA512

f746c374b2743073a71dadead4f1ec3c3b72173b359428816aa54432e7400daa50d983a49579bdee2ceb3070f380e9b2154c184ec905f13efc55e9f686cfeece
SSDEEP

768:VLvkJ6ZirBMVYqA199XfKiQcnT4MMYMqwU9dXQ+rhr9AiGD7WH:VLLijDtgMpSUfb

Score

6^/10

Malware Config

Targets

- Target
  
  931f4a38ea928a07072477e72f0b552879bd1a99ead3672bf4ea8ca88f8da3e2
- Size
  
  44KB
- MD5
  
  70f27b4ad439e0c1ee56a000a5b2ced0
- SHA1
  
  cf597ca5a502619989ff59c8226fafbe66f89a64
- SHA256
  
  931f4a38ea928a07072477e72f0b552879bd1a99ead3672bf4ea8ca88f8da3e2
- SHA512
  
  f746c374b2743073a71dadead4f1ec3c3b72173b359428816aa54432e7400daa50d983a49579bdee2ceb3070f380e9b2154c184ec905f13efc55e9f686cfeece
- SSDEEP
  
  768:VLvkJ6ZirBMVYqA199XfKiQcnT4MMYMqwU9dXQ+rhr9AiGD7WH:VLLijDtgMpSUfb
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2