f6d9fab80053df52973f69decb1df5fb6bc54d7402bf4f724be3b82b2341e17a | Triage

Sharing

General

Target

f6d9fab80053df52973f69decb1df5fb6bc54d7402bf4f724be3b82b2341e17a
Size

56KB
Sample

221203-y6k9esgb5x
MD5

0a33cc30de7128fce16a8482b73d9476
SHA1

7ce977b8e9df161b048d3dfbe2f2e360a531c217
SHA256

f6d9fab80053df52973f69decb1df5fb6bc54d7402bf4f724be3b82b2341e17a
SHA512

ed15620a9594c32a92f9f1202529e8afe7a2a9051768ffe1d8f4adbeec8d2da93c651207a4a6c07ba28882fbe4a8fc7165ffe40d1ced9ca5161bc5de20e2504a
SSDEEP

768:S5LKiZf8ThGLvK8vriGqtwLPbBq36Y1phJrstKy/yVpBp4Gvo:TOf8TWvHvPRo6Y1pQ/WpBp4GQ

Score

6^/10

Malware Config

Targets

- Target
  
  f6d9fab80053df52973f69decb1df5fb6bc54d7402bf4f724be3b82b2341e17a
- Size
  
  56KB
- MD5
  
  0a33cc30de7128fce16a8482b73d9476
- SHA1
  
  7ce977b8e9df161b048d3dfbe2f2e360a531c217
- SHA256
  
  f6d9fab80053df52973f69decb1df5fb6bc54d7402bf4f724be3b82b2341e17a
- SHA512
  
  ed15620a9594c32a92f9f1202529e8afe7a2a9051768ffe1d8f4adbeec8d2da93c651207a4a6c07ba28882fbe4a8fc7165ffe40d1ced9ca5161bc5de20e2504a
- SSDEEP
  
  768:S5LKiZf8ThGLvK8vriGqtwLPbBq36Y1phJrstKy/yVpBp4Gvo:TOf8TWvHvPRo6Y1pQ/WpBp4GQ
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2