da1d12025402f94142c47fb76718b525305a6f8f33709141957adee466e0eb8f | Triage

Sharing

General

Target

da1d12025402f94142c47fb76718b525305a6f8f33709141957adee466e0eb8f
Size

123KB
Sample

221203-fn1x2sbb6s
MD5

26e304fb017cc5d3d07106469c64cd10
SHA1

45197bed8b1f6041ff4e9c5624e3fd2443be8b8f
SHA256

da1d12025402f94142c47fb76718b525305a6f8f33709141957adee466e0eb8f
SHA512

65941296d918012dccf074e9e19a29ee57d7d0e7ddc56f2843d4f613e96b9ed9787e6a8290d4a750832f9caa15361faa785b96765cda7fd936d3123354b792c3
SSDEEP

3072:y/uq+vINn2yQnizj+3VjHKuy+7lnpk3mTk9:y2MN302+lhlLk3mY

Score

6^/10

Malware Config

Targets

- Target
  
  da1d12025402f94142c47fb76718b525305a6f8f33709141957adee466e0eb8f
- Size
  
  123KB
- MD5
  
  26e304fb017cc5d3d07106469c64cd10
- SHA1
  
  45197bed8b1f6041ff4e9c5624e3fd2443be8b8f
- SHA256
  
  da1d12025402f94142c47fb76718b525305a6f8f33709141957adee466e0eb8f
- SHA512
  
  65941296d918012dccf074e9e19a29ee57d7d0e7ddc56f2843d4f613e96b9ed9787e6a8290d4a750832f9caa15361faa785b96765cda7fd936d3123354b792c3
- SSDEEP
  
  3072:y/uq+vINn2yQnizj+3VjHKuy+7lnpk3mTk9:y2MN302+lhlLk3mY
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2