d0f6a0f2ef0ea3ec720e9669a33ee42c17ac6ab3a3d81b6c624b50a131223466 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0f6a0f2ef0ea3ec720e9669a33ee42c17ac6ab3a3d81b6c624b50a131223466
Size

40KB
Sample

221205-2n8hsaea96
MD5

0d09eda2e366a1132a3af0c8ad128710
SHA1

cae4529419810bd8304fb0b0767ec371d73d0378
SHA256

d0f6a0f2ef0ea3ec720e9669a33ee42c17ac6ab3a3d81b6c624b50a131223466
SHA512

01921af52eaacb89b7708204846def1bf63f3a4b205136b42fed23c01dc37a635e318283d32d850f00c237a424be04cd32e266e7bca5e86d4656b246a321edca
SSDEEP

768:jdA8DGNh+cpS1PdnrVtchDOHlejAGTXiQfrn8rnkCC6:jddDGNUD9rD9CAGTXvk

Score

6^/10

Malware Config

Targets

- Target
  
  d0f6a0f2ef0ea3ec720e9669a33ee42c17ac6ab3a3d81b6c624b50a131223466
- Size
  
  40KB
- MD5
  
  0d09eda2e366a1132a3af0c8ad128710
- SHA1
  
  cae4529419810bd8304fb0b0767ec371d73d0378
- SHA256
  
  d0f6a0f2ef0ea3ec720e9669a33ee42c17ac6ab3a3d81b6c624b50a131223466
- SHA512
  
  01921af52eaacb89b7708204846def1bf63f3a4b205136b42fed23c01dc37a635e318283d32d850f00c237a424be04cd32e266e7bca5e86d4656b246a321edca
- SSDEEP
  
  768:jdA8DGNh+cpS1PdnrVtchDOHlejAGTXiQfrn8rnkCC6:jddDGNUD9rD9CAGTXvk
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2