7db0a4dfb83b1693350b14185c642c53215fd526d177290db834b4bc132e4cbf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7db0a4dfb83b1693350b14185c642c53215fd526d177290db834b4bc132e4cbf
Size

29KB
Sample

221205-22ywhaaa2s
MD5

2fbd654303d859a690a5bf7943e18470
SHA1

fc59544eea470f90b522350f116171d00a450cf3
SHA256

7db0a4dfb83b1693350b14185c642c53215fd526d177290db834b4bc132e4cbf
SHA512

b96d2e88692073831205706912ea6544abfcb244d784079c94fcd71f9cb1e640b92f2134aed8b37766e39ce65b6e20daf4861a0fcb05d8d7fad3b0002ac829e0
SSDEEP

384:x8JXZ1YW0J9e0bMrHQOpaeyb0Hs59/POLA7SD3FtN0HSAOwvZzONOqNMGqKDmAvI:xWXUhL9MZUAHYPOM7e3FiNOMwq4tw

Score

6^/10

Malware Config

Targets

- Target
  
  7db0a4dfb83b1693350b14185c642c53215fd526d177290db834b4bc132e4cbf
- Size
  
  29KB
- MD5
  
  2fbd654303d859a690a5bf7943e18470
- SHA1
  
  fc59544eea470f90b522350f116171d00a450cf3
- SHA256
  
  7db0a4dfb83b1693350b14185c642c53215fd526d177290db834b4bc132e4cbf
- SHA512
  
  b96d2e88692073831205706912ea6544abfcb244d784079c94fcd71f9cb1e640b92f2134aed8b37766e39ce65b6e20daf4861a0fcb05d8d7fad3b0002ac829e0
- SSDEEP
  
  384:x8JXZ1YW0J9e0bMrHQOpaeyb0Hs59/POLA7SD3FtN0HSAOwvZzONOqNMGqKDmAvI:xWXUhL9MZUAHYPOM7e3FiNOMwq4tw
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2