adbe528d9e5692b27b71176fcc0550e238ff105e003abdc7e609d71b02c057c6 | Triage

Sharing

General

Target

adbe528d9e5692b27b71176fcc0550e238ff105e003abdc7e609d71b02c057c6
Size

97KB
Sample

221203-svslgafh6w
MD5

746d6610736b528b9958404f25912fe3
SHA1

4b2826eaa3a48e822d27f5110b5d1d170b3445bc
SHA256

adbe528d9e5692b27b71176fcc0550e238ff105e003abdc7e609d71b02c057c6
SHA512

7e151f89bb9a7d09edd972931bbb1d810d44cfc1cb989964d485766beb021b7c461a9eeaf7d5355f00e3cefd90c6232073436a9ad2ef88bed39717289390a6ba
SSDEEP

768:UWdecJCQcx4+cKKgHNNXtC5q8OU22bWIK1TlBRxXKgZKgblJgKgiUgLa1:Uzv4+hNXtC5q8OU22bPKRVdLa

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  adbe528d9e5692b27b71176fcc0550e238ff105e003abdc7e609d71b02c057c6
- Size
  
  97KB
- MD5
  
  746d6610736b528b9958404f25912fe3
- SHA1
  
  4b2826eaa3a48e822d27f5110b5d1d170b3445bc
- SHA256
  
  adbe528d9e5692b27b71176fcc0550e238ff105e003abdc7e609d71b02c057c6
- SHA512
  
  7e151f89bb9a7d09edd972931bbb1d810d44cfc1cb989964d485766beb021b7c461a9eeaf7d5355f00e3cefd90c6232073436a9ad2ef88bed39717289390a6ba
- SSDEEP
  
  768:UWdecJCQcx4+cKKgHNNXtC5q8OU22bWIK1TlBRxXKgZKgblJgKgiUgLa1:Uzv4+hNXtC5q8OU22bPKRVdLa
Score

7^/10

persistence
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Adds Run key to start application
  persistence
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2