6d908c391dcec8886e615521339259dde3a1fb5f7e3a3cda3ae20ea0dc756115 | Triage

Sharing

General

Target

6d908c391dcec8886e615521339259dde3a1fb5f7e3a3cda3ae20ea0dc756115
Size

60KB
Sample

221203-atpjbahf95
MD5

2000b21c6f7cf9e8adfb594afc61f9a0
SHA1

199b842155aabe3b79c6afc1f34b9a4fb936a972
SHA256

6d908c391dcec8886e615521339259dde3a1fb5f7e3a3cda3ae20ea0dc756115
SHA512

88a779afb8cce9d55d30d2cbaa09629c15b5d981ca80fd8fa0bb992b8f876b4c7dff98ddae9acd8a3878da000de30404d4eff21b17aaecaca0231f6fcda5624f
SSDEEP

768:hu1b97UNG+9tgY2GXPhNRrUdENzV+Cm7setRrcP6:hu1J7+9iY2ONUdENRKX

Score

6^/10

Malware Config

Targets

- Target
  
  6d908c391dcec8886e615521339259dde3a1fb5f7e3a3cda3ae20ea0dc756115
- Size
  
  60KB
- MD5
  
  2000b21c6f7cf9e8adfb594afc61f9a0
- SHA1
  
  199b842155aabe3b79c6afc1f34b9a4fb936a972
- SHA256
  
  6d908c391dcec8886e615521339259dde3a1fb5f7e3a3cda3ae20ea0dc756115
- SHA512
  
  88a779afb8cce9d55d30d2cbaa09629c15b5d981ca80fd8fa0bb992b8f876b4c7dff98ddae9acd8a3878da000de30404d4eff21b17aaecaca0231f6fcda5624f
- SSDEEP
  
  768:hu1b97UNG+9tgY2GXPhNRrUdENzV+Cm7setRrcP6:hu1J7+9iY2ONUdENRKX
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2