072da52028c96526b92abf3977b3961a33b5f7d4c9b6b781706e640e8a3087d0 | Triage

Sharing

General

Target

304e681030c0bcf46fdc4803ff63a1f0N.exe
Size

762KB
Sample

240825-lvmxnazdkq
MD5

304e681030c0bcf46fdc4803ff63a1f0
SHA1

56a840efb6c40d3cf70adfeb279adcba10cdfc71
SHA256

072da52028c96526b92abf3977b3961a33b5f7d4c9b6b781706e640e8a3087d0
SHA512

41e5f261a0e674774e646c3be73a601725fdb447c18c0cbdbd86b7ce5229294a63ecfcad2c8b2641679d238105082276fa52a8098b0365c75e93b0793eafba82
SSDEEP

12288:uJcKljWL6zApn8vGsw5Q9WswIY3ACshiQ4wuUsjFfvboVR64QUEsnx0S+VtjnL6X:uJcKFW+zApn8vGsw5Q9Wsw/wCYiQ4wuY

Score

6^/10

Malware Config

Targets

- Target
  
  304e681030c0bcf46fdc4803ff63a1f0N.exe
- Size
  
  762KB
- MD5
  
  304e681030c0bcf46fdc4803ff63a1f0
- SHA1
  
  56a840efb6c40d3cf70adfeb279adcba10cdfc71
- SHA256
  
  072da52028c96526b92abf3977b3961a33b5f7d4c9b6b781706e640e8a3087d0
- SHA512
  
  41e5f261a0e674774e646c3be73a601725fdb447c18c0cbdbd86b7ce5229294a63ecfcad2c8b2641679d238105082276fa52a8098b0365c75e93b0793eafba82
- SSDEEP
  
  12288:uJcKljWL6zApn8vGsw5Q9WswIY3ACshiQ4wuUsjFfvboVR64QUEsnx0S+VtjnL6X:uJcKFW+zApn8vGsw5Q9Wsw/wCYiQ4wuY
Score

6^/10
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2