9a40e3096ed27fb4089941493d74e80d00e1af78f4812a4b8cbb847076b8f9ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a40e3096ed27fb4089941493d74e80d00e1af78f4812a4b8cbb847076b8f9ee
Size

549KB
Sample

221206-r5w6zagb54
MD5

299f72f43835e7354683fb37e8c3cbe2
SHA1

6cb67b0ab81fbe5da6913ceb5e34067d8836c22b
SHA256

9a40e3096ed27fb4089941493d74e80d00e1af78f4812a4b8cbb847076b8f9ee
SHA512

813717c80575c4ade713481a290fce863ab81a0d8ba9af1ac1c846ecff267704ae72b2ebc1de6825226a630d6f8e00c1f1f3fcbbb17290673bfcc7bb717ed10c
SSDEEP

12288:RJBZ+mhKYgGpThpmGVF6VpnExhwr5GwLPYq8bm+4Esk0:RNhKYlR/VMVFChwr5jGy+/sk0

Score

6^/10

Malware Config

Targets

- Target
  
  9a40e3096ed27fb4089941493d74e80d00e1af78f4812a4b8cbb847076b8f9ee
- Size
  
  549KB
- MD5
  
  299f72f43835e7354683fb37e8c3cbe2
- SHA1
  
  6cb67b0ab81fbe5da6913ceb5e34067d8836c22b
- SHA256
  
  9a40e3096ed27fb4089941493d74e80d00e1af78f4812a4b8cbb847076b8f9ee
- SHA512
  
  813717c80575c4ade713481a290fce863ab81a0d8ba9af1ac1c846ecff267704ae72b2ebc1de6825226a630d6f8e00c1f1f3fcbbb17290673bfcc7bb717ed10c
- SSDEEP
  
  12288:RJBZ+mhKYgGpThpmGVF6VpnExhwr5GwLPYq8bm+4Esk0:RNhKYlR/VMVFChwr5jGy+/sk0
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2