General

  • Target: 57e57c5682a05ecb6d40c665746569ffa652da7d61d033a233c458b782472d87
  • Size: 146KB
  • Sample: 221019-2sf94abhdk
  • MD5: a0eee561b4dc68d89840b952654aea20
  • SHA1: 67e3d6c2290cb31bfad69bd04cb6599aee625a12
  • SHA256: 57e57c5682a05ecb6d40c665746569ffa652da7d61d033a233c458b782472d87
  • SHA512: bdeeff2e3e064686d306e4f2752803c817b85afc89e98826c5e2f09f6c8cdebb395c5b68839ef27fce2c5b26d7ea655277bebed563d6a50d64f6c92e415456e6
  • SSDEEP: 3072:vCz3mXUlEaZz1PZ6hIk69Y9SC48tgC8Xv:vCz3mUlEs1PZNhWS5Ci

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks