e58e9bb6f5687f31cca25645261a503cbc37bcf9bbd57cc2fa0d6a497e5a74bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e58e9bb6f5687f31cca25645261a503cbc37bcf9bbd57cc2fa0d6a497e5a74bb
Size

40KB
Sample

221206-twragade37
MD5

1b6cc0c26a03770dc4e453a30d4a2120
SHA1

391e91ef6c47ec08ff2c6b54d1427927e1d963e0
SHA256

e58e9bb6f5687f31cca25645261a503cbc37bcf9bbd57cc2fa0d6a497e5a74bb
SHA512

885e54e46ad8f8e20ad246a0b43e536f9716a287eb67991b7b00fe30ef4d3b6d86090d801a1f4e838430e31825e8ee8b1bf4dab4cd896f6381b48e53c7988759
SSDEEP

768:2RrGuBfn+VE1AMbjliXIfxpxbMdgP4o4GEnLjFCitom:2RrGO+aX4Yfxp1MdgARFD

Score

6^/10

Malware Config

Targets

- Target
  
  e58e9bb6f5687f31cca25645261a503cbc37bcf9bbd57cc2fa0d6a497e5a74bb
- Size
  
  40KB
- MD5
  
  1b6cc0c26a03770dc4e453a30d4a2120
- SHA1
  
  391e91ef6c47ec08ff2c6b54d1427927e1d963e0
- SHA256
  
  e58e9bb6f5687f31cca25645261a503cbc37bcf9bbd57cc2fa0d6a497e5a74bb
- SHA512
  
  885e54e46ad8f8e20ad246a0b43e536f9716a287eb67991b7b00fe30ef4d3b6d86090d801a1f4e838430e31825e8ee8b1bf4dab4cd896f6381b48e53c7988759
- SSDEEP
  
  768:2RrGuBfn+VE1AMbjliXIfxpxbMdgP4o4GEnLjFCitom:2RrGO+aX4Yfxp1MdgARFD
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2