e2ecc8ee01590687a8fdea68542eed1c0322de25c3690f0add1aaa4f11ce605b | Triage

Sharing

General

Target

0e2a7209cffd3cad275af989abfcfc3c
Size

336KB
Sample

231230-ewg98sdgh7
MD5

0e2a7209cffd3cad275af989abfcfc3c
SHA1

d0d74bb218c43953354fefa398d2b67e3edd9ce7
SHA256

e2ecc8ee01590687a8fdea68542eed1c0322de25c3690f0add1aaa4f11ce605b
SHA512

b849eb763e1241c3957a3ca8f71379b7e6e4452403185dd065c1f4ee4dae3717878e45e78dfd314bf47b3b1b18a74cfe8a61501ea32d07d8ba8e22e9f91f24a5
SSDEEP

6144:qnsbQDoDWefHPJ9oQ67axXfxBZvgMX1cUvkCEOGTSrcWvZG:2SB1tvgOvZEOM9cG

Score

6^/10

Malware Config

Targets

- Target
  
  0e2a7209cffd3cad275af989abfcfc3c
- Size
  
  336KB
- MD5
  
  0e2a7209cffd3cad275af989abfcfc3c
- SHA1
  
  d0d74bb218c43953354fefa398d2b67e3edd9ce7
- SHA256
  
  e2ecc8ee01590687a8fdea68542eed1c0322de25c3690f0add1aaa4f11ce605b
- SHA512
  
  b849eb763e1241c3957a3ca8f71379b7e6e4452403185dd065c1f4ee4dae3717878e45e78dfd314bf47b3b1b18a74cfe8a61501ea32d07d8ba8e22e9f91f24a5
- SSDEEP
  
  6144:qnsbQDoDWefHPJ9oQ67axXfxBZvgMX1cUvkCEOGTSrcWvZG:2SB1tvgOvZEOM9cG
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2