b247a64f0cd5221e02b6d49cb17b6811f480e51b8a16ee20bff934cbe039077a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b247a64f0cd5221e02b6d49cb17b6811f480e51b8a16ee20bff934cbe039077a
Size

110KB
Sample

221011-hqw3zsbcfm
MD5

244b3671feda4df16b95573616ab394d
SHA1

8239fde8096de45ff79a9d9bda6c1e9245886801
SHA256

b247a64f0cd5221e02b6d49cb17b6811f480e51b8a16ee20bff934cbe039077a
SHA512

8b657acf43adc34013a72f12f95a80dc5cffae31e4d25b4ed9e5f9d508fa65c8035b40fbeb254de9db9e17f9cef644d727d849375b0ad3eaf6a84c447582b8a7
SSDEEP

1536:dTKdhmMFi+lokn0CcuQpuv0Ix0vkHWR8ceQDxeOO:dT8cUi20DuQpKnsMkrBO

Score

8^/10

Malware Config

Targets

- Target
  
  b247a64f0cd5221e02b6d49cb17b6811f480e51b8a16ee20bff934cbe039077a
- Size
  
  110KB
- MD5
  
  244b3671feda4df16b95573616ab394d
- SHA1
  
  8239fde8096de45ff79a9d9bda6c1e9245886801
- SHA256
  
  b247a64f0cd5221e02b6d49cb17b6811f480e51b8a16ee20bff934cbe039077a
- SHA512
  
  8b657acf43adc34013a72f12f95a80dc5cffae31e4d25b4ed9e5f9d508fa65c8035b40fbeb254de9db9e17f9cef644d727d849375b0ad3eaf6a84c447582b8a7
- SSDEEP
  
  1536:dTKdhmMFi+lokn0CcuQpuv0Ix0vkHWR8ceQDxeOO:dT8cUi20DuQpKnsMkrBO
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2