6dbfc941954d128e19b56cd948d48d6cc4224ef096d997a014dfe0d61a9c86d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d7f796b3ec37c4dd.zip
Size

47.2MB
Sample

240309-sdey2sae29
MD5

f0f5e7ad369a206add7723be6284c64a
SHA1

1b7235f81bf7b61d227b32dfebc2f83635615872
SHA256

6dbfc941954d128e19b56cd948d48d6cc4224ef096d997a014dfe0d61a9c86d8
SHA512

a08543a9935af1b739cb4dd4127ecf18ba789ce6b5c7f2db79184e99a09eaba4bc6751b8235ebaabe6ff2087a79d15b3b6fa9194e260adc5457f578d3d607245
SSDEEP

786432:DxokJwfNhV8UH9+y0/ets42crVwgeDGQ/ce9qerabozXWlt8kXPi5KZxQ:DxokwLV8Uw/g24Sid+q70zGL815f

Score

6^/10

Malware Config

Targets

- Target
  
  d7f796b3ec37c4dd.exe
- Size
  
  47.2MB
- MD5
  
  8eea9925b0dd3147b169f9ea64c847cd
- SHA1
  
  7a7946fe101be46946a6b509d9063266bc6cfab5
- SHA256
  
  63243bcbac07e165c3a799f5a3c1a7f02c8d8bc207c2f604461268efbad38882
- SHA512
  
  9b42b0eeae4ad0f1149792b772341c0d278c784238cce227bb517d24bbc8d5435e311a07b93a2aa7eee47a9ae8cfb33c341a9171bb93b432c7d56d0b689118ed
- SSDEEP
  
  786432:OxokJwfNhV8UH9+y0/ets42crVwgeDGQ/ce9qerabozXWlt8kXPi5KZx:OxokwLV8Uw/g24Sid+q70zGL815
Score

6^/10
- Legitimate hosting services abused for malware hosting/C2
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Web Service

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2