bb3a707ba5567547e91a60f13bc0d9e5bc6a9cc5c6f9fa17d2f51721058e08fb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb3a707ba5567547e91a60f13bc0d9e5bc6a9cc5c6f9fa17d2f51721058e08fb
Size

40KB
Sample

221204-jq492aea4w
MD5

49fb0f98d5d58de4e0e0690d69526e70
SHA1

2a8e17c9bb317a79c88390243aabeeff22393331
SHA256

bb3a707ba5567547e91a60f13bc0d9e5bc6a9cc5c6f9fa17d2f51721058e08fb
SHA512

254c5a10014e329536cf8871cd3821f0810694b042167315f69ecc78d565a44dc720ea949ae711b2a57f8fc50ecdb61d2b8fddb45051a1c7074d696227b9f24d
SSDEEP

768:aGT8SdexR/S5UeVqMiFinD+qjN6UUbHipj2m3NxSbN7ng+Y/EKdm:acB5UeVq1FJEN6UUbHsj2sGh

Score

6^/10

Malware Config

Targets

- Target
  
  bb3a707ba5567547e91a60f13bc0d9e5bc6a9cc5c6f9fa17d2f51721058e08fb
- Size
  
  40KB
- MD5
  
  49fb0f98d5d58de4e0e0690d69526e70
- SHA1
  
  2a8e17c9bb317a79c88390243aabeeff22393331
- SHA256
  
  bb3a707ba5567547e91a60f13bc0d9e5bc6a9cc5c6f9fa17d2f51721058e08fb
- SHA512
  
  254c5a10014e329536cf8871cd3821f0810694b042167315f69ecc78d565a44dc720ea949ae711b2a57f8fc50ecdb61d2b8fddb45051a1c7074d696227b9f24d
- SSDEEP
  
  768:aGT8SdexR/S5UeVqMiFinD+qjN6UUbHipj2m3NxSbN7ng+Y/EKdm:acB5UeVq1FJEN6UUbHsj2sGh
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2