1dcdb37a55c3cad5d4d078f3c0c242f76f16aa78777ece0fabad76fa5c8dc646 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1dcdb37a55c3cad5d4d078f3c0c242f76f16aa78777ece0fabad76fa5c8dc646
Size

36KB
Sample

221205-lzrreaha72
MD5

3a8b7393c911949ec16dd06138676720
SHA1

fc4b100c525a4b24f69323f00c50fc2a97a507e2
SHA256

1dcdb37a55c3cad5d4d078f3c0c242f76f16aa78777ece0fabad76fa5c8dc646
SHA512

4162a0eb37bb446161d2d0b4e5245334e31a86ad6f9eb08bed7421cf7e02d73affe4c5ab208b75a867e7d5e6acbc4a2af82099832a49a3c5bd41b2d0a3e60bf7
SSDEEP

768:mCAsQ78MWMyPSkJPnliVdqDwB3H8MEqi9sjj6cfxne71tnDa:mCAjczPliV33cF9sjjl/

Score

6^/10

Malware Config

Targets

- Target
  
  1dcdb37a55c3cad5d4d078f3c0c242f76f16aa78777ece0fabad76fa5c8dc646
- Size
  
  36KB
- MD5
  
  3a8b7393c911949ec16dd06138676720
- SHA1
  
  fc4b100c525a4b24f69323f00c50fc2a97a507e2
- SHA256
  
  1dcdb37a55c3cad5d4d078f3c0c242f76f16aa78777ece0fabad76fa5c8dc646
- SHA512
  
  4162a0eb37bb446161d2d0b4e5245334e31a86ad6f9eb08bed7421cf7e02d73affe4c5ab208b75a867e7d5e6acbc4a2af82099832a49a3c5bd41b2d0a3e60bf7
- SSDEEP
  
  768:mCAsQ78MWMyPSkJPnliVdqDwB3H8MEqi9sjj6cfxne71tnDa:mCAjczPliV33cF9sjjl/
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2