07fab495e27040af597b45a6b7b97ebdddff8d6e07de6e37fd897c7b7a3e747a | Triage

Sharing

General

Target

07fab495e27040af597b45a6b7b97ebdddff8d6e07de6e37fd897c7b7a3e747a
Size

36KB
Sample

221202-zhpsdaga3v
MD5

29b292d601bc0f819dd444b1518aa620
SHA1

f72410cc089f8054e515ebea49d303c3ca842669
SHA256

07fab495e27040af597b45a6b7b97ebdddff8d6e07de6e37fd897c7b7a3e747a
SHA512

fc81421a34f2f398d578e9e64c19b454c0078105cb604b21da7dd799c4f5bf599752ca0370053209bac1f28320370e75419bb0d905779e50c897a643666c7c31
SSDEEP

768:BRR+lsjA3vqEKcQnzlIKHvVUn9JO3C5oTkTasxWHqcQ:BRR+lT3vgnzlIKHvViJO3MWlYWHqcQ

Score

6^/10

Malware Config

Targets

- Target
  
  07fab495e27040af597b45a6b7b97ebdddff8d6e07de6e37fd897c7b7a3e747a
- Size
  
  36KB
- MD5
  
  29b292d601bc0f819dd444b1518aa620
- SHA1
  
  f72410cc089f8054e515ebea49d303c3ca842669
- SHA256
  
  07fab495e27040af597b45a6b7b97ebdddff8d6e07de6e37fd897c7b7a3e747a
- SHA512
  
  fc81421a34f2f398d578e9e64c19b454c0078105cb604b21da7dd799c4f5bf599752ca0370053209bac1f28320370e75419bb0d905779e50c897a643666c7c31
- SSDEEP
  
  768:BRR+lsjA3vqEKcQnzlIKHvVUn9JO3C5oTkTasxWHqcQ:BRR+lT3vgnzlIKHvViJO3MWlYWHqcQ
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2