6992956476d275a05d9edb075642a68393e474884b9b51d66ba2d6fd78fd76ec | Triage

Sharing

General

Target

6992956476d275a05d9edb075642a68393e474884b9b51d66ba2d6fd78fd76ec
Size

34KB
Sample

221205-x5vwsshb87
MD5

2572eacb5acf4f3e706b8bd5c27b9e80
SHA1

045f3c17487777d3fa0d623131f33b06e8baf615
SHA256

6992956476d275a05d9edb075642a68393e474884b9b51d66ba2d6fd78fd76ec
SHA512

13d8f96d24eb22771d18367890713554ba433ca98263985233d95f32cd760981d93f117e4470a0b2f9d4107660c18c61857e83b6ad1a7887c67526035dd22897
SSDEEP

384:YyPM0YnujwPhn6MQJah3pdjSGf4NFUOfuxNJGPyYuTX0Xxb54yFYbxj0qpBPnhY/:Yr0Ynp3vAnUlYk0XYfxQqPnhYqicAQkv

Score

6^/10

Malware Config

Targets

- Target
  
  6992956476d275a05d9edb075642a68393e474884b9b51d66ba2d6fd78fd76ec
- Size
  
  34KB
- MD5
  
  2572eacb5acf4f3e706b8bd5c27b9e80
- SHA1
  
  045f3c17487777d3fa0d623131f33b06e8baf615
- SHA256
  
  6992956476d275a05d9edb075642a68393e474884b9b51d66ba2d6fd78fd76ec
- SHA512
  
  13d8f96d24eb22771d18367890713554ba433ca98263985233d95f32cd760981d93f117e4470a0b2f9d4107660c18c61857e83b6ad1a7887c67526035dd22897
- SSDEEP
  
  384:YyPM0YnujwPhn6MQJah3pdjSGf4NFUOfuxNJGPyYuTX0Xxb54yFYbxj0qpBPnhY/:Yr0Ynp3vAnUlYk0XYfxQqPnhYqicAQkv
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2