1e48139edd6ed45cdd316152b2cecb6cdd63241161fb9af42a1e8ff22f3ff650 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1e48139edd6ed45cdd316152b2cecb6cdd63241161fb9af42a1e8ff22f3ff650N.exe
Size

588KB
Sample

240925-ehebesteqr
MD5

e884aad799ad1addd5419b6d35473420
SHA1

d9d03fac905e1a0c8b3b8082e57254eb13fcf840
SHA256

1e48139edd6ed45cdd316152b2cecb6cdd63241161fb9af42a1e8ff22f3ff650
SHA512

8ad3ac791644bb4f77df23ee9e4008f3fecd7b99b375c33c280328a9f1b3c82ba391c6d9f067d3ec943485199344ed576fef26ee33f0f86fcc17e9786b59082f
SSDEEP

12288:nXznQ+bCxWrUhLZvzC/igEhrNA9SNwyrYAmyhIna3PiGpYh7j:KgIh0/iLhrekeKYAl4RN

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  1e48139edd6ed45cdd316152b2cecb6cdd63241161fb9af42a1e8ff22f3ff650N.exe
- Size
  
  588KB
- MD5
  
  e884aad799ad1addd5419b6d35473420
- SHA1
  
  d9d03fac905e1a0c8b3b8082e57254eb13fcf840
- SHA256
  
  1e48139edd6ed45cdd316152b2cecb6cdd63241161fb9af42a1e8ff22f3ff650
- SHA512
  
  8ad3ac791644bb4f77df23ee9e4008f3fecd7b99b375c33c280328a9f1b3c82ba391c6d9f067d3ec943485199344ed576fef26ee33f0f86fcc17e9786b59082f
- SSDEEP
  
  12288:nXznQ+bCxWrUhLZvzC/igEhrNA9SNwyrYAmyhIna3PiGpYh7j:KgIh0/iLhrekeKYAl4RN
Score

7^/10

discovery
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Loads dropped DLL
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2