8a03d7389e40a4bd0fc20b4de5812aaee6b8f5a20e164d3949a637ce66f825a9 | Triage

Submit
Reports

Overview

overview

8

Static

static

8a03d7389e...a9.exe

windows7-x64

8

8a03d7389e...a9.exe

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

Target

8a03d7389e40a4bd0fc20b4de5812aaee6b8f5a20e164d3949a637ce66f825a9
Size

152KB
Sample

221011-h5fdsacabq
MD5

77fcb9823526386b02d5a0a68c8d1ac0
SHA1

6e9979fe1e233ba56577ade4bde0b196a0479f5d
SHA256

8a03d7389e40a4bd0fc20b4de5812aaee6b8f5a20e164d3949a637ce66f825a9
SHA512

b169eea295d64837172fa02e5aa00e17e4906bcdc468b4adafb58481c26b04415c833242629bda72d250bd8ab442bdc36215255854e72d99563330020c779bfa
SSDEEP

3072:3RjF2wJhQDNo11NKdNuRf7U+3Kyb4U02awKgQCLFPIkc:hJ3P0+9icRfQ+6i02aytwkc

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

8a03d7389e40a4bd0fc20b4de5812aaee6b8f5a20e164d3949a637ce66f825a9.exe

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

8a03d7389e40a4bd0fc20b4de5812aaee6b8f5a20e164d3949a637ce66f825a9.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  8a03d7389e40a4bd0fc20b4de5812aaee6b8f5a20e164d3949a637ce66f825a9
- Size
  
  152KB
- MD5
  
  77fcb9823526386b02d5a0a68c8d1ac0
- SHA1
  
  6e9979fe1e233ba56577ade4bde0b196a0479f5d
- SHA256
  
  8a03d7389e40a4bd0fc20b4de5812aaee6b8f5a20e164d3949a637ce66f825a9
- SHA512
  
  b169eea295d64837172fa02e5aa00e17e4906bcdc468b4adafb58481c26b04415c833242629bda72d250bd8ab442bdc36215255854e72d99563330020c779bfa
- SSDEEP
  
  3072:3RjF2wJhQDNo11NKdNuRf7U+3Kyb4U02awKgQCLFPIkc:hJ3P0+9icRfQ+6i02aytwkc
Score

8^/10

persistence
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy