General

  • Target

    b1e52f0db01561649777c1523c702195843d6fc9419152e2d0ca250a98e930e5

  • Size

    35KB

  • Sample

    221012-sekwpaged6

  • MD5

    606a172fd8a5b96e216dc8d32e3fe944

  • SHA1

    4841733d799ec08f868fc7c17edd8bf4740aee26

  • SHA256

    b1e52f0db01561649777c1523c702195843d6fc9419152e2d0ca250a98e930e5

  • SHA512

    6d0e550e3245be0e94176bc5bbd430675ddcba8ce8dfad4612c11220bc440234fdc0785a493c721667cf969ab69335078af442c32e8a611f4ce8c9e50fbac3bd

  • SSDEEP

    384:x9RlQG13BLgexxxaR0O834rfmAT/5bcicoAVmaqsj7T0oY7cQ67oJk1Ziwf6hycq:TQGpmes+olciha/sw8cF6srxLwN97jk

Score
8/10

Targets

    • Target

      b1e52f0db01561649777c1523c702195843d6fc9419152e2d0ca250a98e930e5

    Score
    8/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
