774a0a5209b44856f3a3198e80aaf40f919c3c50b36307f5d7144e284ac460e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa07c47ff16d064bfd1f640c1740e5ea
Size

47KB
Sample

240227-ypeqbaac7x
MD5

aa07c47ff16d064bfd1f640c1740e5ea
SHA1

e820abd67173554ab50fb4ddf8e7241ebee5f423
SHA256

774a0a5209b44856f3a3198e80aaf40f919c3c50b36307f5d7144e284ac460e5
SHA512

3d77838ed86667ae6782a906d6fba95a4afa31f9cbb5ad46948b638a659d8fc74ed58d0bbdf908bd381df0040976860ab4d18ff9c5eaa90c62a6d0d7e9b09884
SSDEEP

768:OaskSpEkB4cx0+Y+UHTKnbdwJkLJfLnsB5+KznGdeE2NorB1A3o5C0Gh/zvJfO:1sxEdGnbd5jG5dznGdt2NA1AIsh/zvJO

Score

6^/10

Malware Config

Targets

- Target
  
  aa07c47ff16d064bfd1f640c1740e5ea
- Size
  
  47KB
- MD5
  
  aa07c47ff16d064bfd1f640c1740e5ea
- SHA1
  
  e820abd67173554ab50fb4ddf8e7241ebee5f423
- SHA256
  
  774a0a5209b44856f3a3198e80aaf40f919c3c50b36307f5d7144e284ac460e5
- SHA512
  
  3d77838ed86667ae6782a906d6fba95a4afa31f9cbb5ad46948b638a659d8fc74ed58d0bbdf908bd381df0040976860ab4d18ff9c5eaa90c62a6d0d7e9b09884
- SSDEEP
  
  768:OaskSpEkB4cx0+Y+UHTKnbdwJkLJfLnsB5+KznGdeE2NorB1A3o5C0Gh/zvJfO:1sxEdGnbd5jG5dznGdt2NA1AIsh/zvJO
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2