Overview

overview

8

Static

static

1

Registry.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Registry.exe

  • Size

    47.6MB

  • Sample

    241005-n9rv9ssfpr

  • MD5

    b16181d4ad0da57024cc3cc5935147e8

  • SHA1

    5ca16ea55827db634cd570ac3952bc4a31ec27f5

  • SHA256

    1f39254002bc937c4ac94701dc1f033102cf2b00533eb99a30fba3db87148bfc

  • SHA512

    93b79f3577c895eaa662edcfc7ac7c46ed2c10c57aa6cad164ac6208e94a74ba6092f45c6e77fce3bcc52f1e875d65189f846a12db4273e69a7adfefc30fe00e

  • SSDEEP

    786432:2inB7YtysOsApEGkEi2I/jbh8S36ipzROU8Bwrm3Ov+GFcOmFAFW1f2u:DnB7YtrOBg2I/jbh8VQt8erzHmFIWR2u

Score
8/10
evasionexecution

Malware Config

Targets

    • Target

      Registry.exe

    • Size

      47.6MB

    • MD5

      b16181d4ad0da57024cc3cc5935147e8

    • SHA1

      5ca16ea55827db634cd570ac3952bc4a31ec27f5

    • SHA256

      1f39254002bc937c4ac94701dc1f033102cf2b00533eb99a30fba3db87148bfc

    • SHA512

      93b79f3577c895eaa662edcfc7ac7c46ed2c10c57aa6cad164ac6208e94a74ba6092f45c6e77fce3bcc52f1e875d65189f846a12db4273e69a7adfefc30fe00e

    • SSDEEP

      786432:2inB7YtysOsApEGkEi2I/jbh8S36ipzROU8Bwrm3Ov+GFcOmFAFW1f2u:DnB7YtrOBg2I/jbh8VQt8erzHmFIWR2u

    Score
    8/10
    evasionexecution

    • Stops running service(s)

      evasionexecution

    • Checks BIOS information in registry

      BIOS information is often read in order to detect sandboxing environments.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks