822241347eb5346e6587ec40c4eee7585ec2d175925613b4b165fe4d489d0be7 | Triage

Sharing

General

Target

822241347eb5346e6587ec40c4eee7585ec2d175925613b4b165fe4d489d0be7
Size

110KB
Sample

221002-p8648shdfn
MD5

636c11c70afb080a8a4b4188b543a4eb
SHA1

d452eba1722c1044f607d4b06bc42ef4c4f3189d
SHA256

822241347eb5346e6587ec40c4eee7585ec2d175925613b4b165fe4d489d0be7
SHA512

1daf3d00aa9a09a91954ee1ba0eb8b73875da1da517021380d3fb9acf5c61553d84cf49fc8482251d58552ad033c3f93658baf440a9622aee9f57cada716a23c
SSDEEP

1536:dTKdhmMFi+lokn0CcuQpuv0Ix0vkHWR8ceQDxeOx:dT8cUi20DuQpKnsMkrBx

Score

8^/10

Malware Config

Targets

- Target
  
  822241347eb5346e6587ec40c4eee7585ec2d175925613b4b165fe4d489d0be7
- Size
  
  110KB
- MD5
  
  636c11c70afb080a8a4b4188b543a4eb
- SHA1
  
  d452eba1722c1044f607d4b06bc42ef4c4f3189d
- SHA256
  
  822241347eb5346e6587ec40c4eee7585ec2d175925613b4b165fe4d489d0be7
- SHA512
  
  1daf3d00aa9a09a91954ee1ba0eb8b73875da1da517021380d3fb9acf5c61553d84cf49fc8482251d58552ad033c3f93658baf440a9622aee9f57cada716a23c
- SSDEEP
  
  1536:dTKdhmMFi+lokn0CcuQpuv0Ix0vkHWR8ceQDxeOx:dT8cUi20DuQpKnsMkrBx
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2