General

  • Target

    ab827dc28afa4f76d6459c15af70206ce8475464f57dcd06be8bd3a5d0a73438

  • Size

    36KB

  • Sample

    221020-j7r12adda5

  • MD5

    4454ea6731a8b0e2ae22c3dba9cadb6f

  • SHA1

    bb45ffb2a7852b9b035151ea466d2c4ab109570c

  • SHA256

    ab827dc28afa4f76d6459c15af70206ce8475464f57dcd06be8bd3a5d0a73438

  • SHA512

    54eb4272e84cfe8a147520a6239b136708c31c25b89185c5d0d4f67e99708890be5c3fd47412dc6fc0ae16a10aa5b4f9717a6c79e95d9bbca951e7dde3deadd4

  • SSDEEP

    768:L5uhMogHxJ5CVpm6jFHd+mc+8MfIsVNwDhqpsq1n:9FoglCVBjdqz9Nwp9
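Before working with a sample pulled from a feed, a practitioner checks that the bytes on disk match the digests the report lists and that the IOC set itself is well-formed (the Target field above is just the SHA256 repeated). The following is an added example, not code from the sandbox report or the sandbox vendor; the report's own digests are embedded, while the `b"hello"` input used in the usage line is a constructed stand-in for a file, since the real 36KB sample is not on this page.

```python
"""Verify a candidate file against the digests listed in a sandbox report.

Added example; not part of the report. REPORT_HASHES copies the values shown
above. Any file content used with verify_sample() is supplied by the caller.
"""
import hashlib

# Digests exactly as listed in the report's General section.
REPORT_HASHES = {
    "md5": "4454ea6731a8b0e2ae22c3dba9cadb6f",
    "sha1": "bb45ffb2a7852b9b035151ea466d2c4ab109570c",
    "sha256": "ab827dc28afa4f76d6459c15af70206ce8475464f57dcd06be8bd3a5d0a73438",
    "sha512": (
        "54eb4272e84cfe8a147520a6239b136708c31c25b89185c5d0d4f67e99708890"
        "be5c3fd47412dc6fc0ae16a10aa5b4f9717a6c79e95d9bbca951e7dde3deadd4"
    ),
}

# Hex digest length per algorithm; a wrong length usually means a copy/paste error.
EXPECTED_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}
HEX_CHARS = set("0123456789abcdef")


def validate_hash_set(hashes):
    """Return a list of problems with an IOC hash set (empty list means it is sane)."""
    problems = []
    for alg, length in EXPECTED_HEX_LEN.items():
        value = hashes.get(alg)
        if value is None:
            problems.append(f"{alg}: missing")
            continue
        value = value.lower()
        if len(value) != length or not set(value) <= HEX_CHARS:
            problems.append(f"{alg}: expected {length} hex chars, got {value!r}")
    return problems


def digest_bytes(data):
    """Compute every digest in EXPECTED_HEX_LEN over an in-memory byte string."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in EXPECTED_HEX_LEN}


def digest_file(path, chunk_size=1 << 20):
    """Same as digest_bytes but streams a file so large samples do not load into RAM."""
    hashers = {alg: hashlib.new(alg) for alg in EXPECTED_HEX_LEN}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def verify_sample(data, expected):
    """Compare computed digests against the expected ones.

    Returns {algorithm: matched?} for every algorithm present in `expected`.
    All four must agree; a single mismatch means you have a different file.
    """
    actual = digest_bytes(data)
    return {
        alg: actual[alg] == expected[alg].lower()
        for alg in expected
        if alg in actual
    }


if __name__ == "__main__":
    print("IOC set problems:", validate_hash_set(REPORT_HASHES) or "none")
    # Constructed input; the real sample would be read with digest_file(path).
    print("b'hello' vs report:", verify_sample(b"hello", REPORT_HASHES))
```

Treat the SHA256 as the identifier when exchanging IOCs; MD5 and SHA1 are kept here only because feeds and older tooling still key on them, and the SSDEEP value in the report needs the separate `ssdeep` library, which this example deliberately leaves out.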

Score
8/10

Targets

    • Target

      ab827dc28afa4f76d6459c15af70206ce8475464f57dcd06be8bd3a5d0a73438

    • Size

      36KB

    • MD5

      4454ea6731a8b0e2ae22c3dba9cadb6f

    • SHA1

      bb45ffb2a7852b9b035151ea466d2c4ab109570c

    • SHA256

      ab827dc28afa4f76d6459c15af70206ce8475464f57dcd06be8bd3a5d0a73438

    • SHA512

      54eb4272e84cfe8a147520a6239b136708c31c25b89185c5d0d4f67e99708890be5c3fd47412dc6fc0ae16a10aa5b4f9717a6c79e95d9bbca951e7dde3deadd4

    • SSDEEP

      768:L5uhMogHxJ5CVpm6jFHd+mc+8MfIsVNwDhqpsq1n:9FoglCVBjdqz9Nwp9

    Score
    8/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Traffic on the DNS port (53) to servers other than the resolvers configured on the analysis VM was detected. Malware does this to reach a hard-coded resolver that bypasses local filtering, or to carry command-and-control or exfiltration data inside DNS; a public resolver such as 8.8.8.8 also triggers this signature, so check the destination before treating it as C2.

    • Suspicious use of SetThreadContext

      SetThreadContext was called on a thread of another process. Legitimate software rarely does this; it is the step in process hollowing and thread-hijacking injection that redirects a thread's instruction pointer into attacker-controlled memory, and it is consistent with the "Executes dropped EXE" signature above.
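The DNS signature above is easy to reproduce from connection logs outside the sandbox. The following is an added example, not code from the report or the sandbox vendor: it parses a few constructed Zeek-style conn.log lines (tab-separated: ts, orig_h, resp_h, proto, resp_p) and flags every port-53 flow whose destination is not one of the resolvers the host was configured with. The resolver addresses and the log lines are assumptions made for the example.

```python
"""Detect DNS-port traffic that bypasses the configured resolvers.

Added example, not part of the sandbox report. CONFIGURED_RESOLVERS and
SAMPLE_LOG are constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass

# Assumption: resolvers handed to the analysis VM by DHCP.
CONFIGURED_RESOLVERS = {"10.0.0.53", "10.0.0.54"}

# Constructed conn.log excerpt: ts, id.orig_h, id.resp_h, proto, id.resp_p
SAMPLE_LOG = """\
#fields\tts\tid.orig_h\tid.resp_h\tproto\tid.resp_p
2022-10-20T09:44:01Z\t10.0.0.12\t10.0.0.53\tudp\t53
2022-10-20T09:44:02Z\t10.0.0.12\t8.8.8.8\tudp\t53
2022-10-20T09:44:03Z\t10.0.0.12\t203.0.113.7\tudp\t53
2022-10-20T09:44:04Z\t10.0.0.12\t203.0.113.7\ttcp\t53
2022-10-20T09:44:05Z\t10.0.0.12\t203.0.113.7\ttcp\t443
2022-10-20T09:44:06Z\t10.0.0.12\t10.0.0.54\tudp\t53
"""


@dataclass(frozen=True)
class Flow:
    ts: str
    src: str
    dst: str
    proto: str
    dport: int


def parse_conn_lines(text):
    """Turn tab-separated conn.log lines into Flow records, skipping headers."""
    flows = []
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        ts, src, dst, proto, dport = line.split("\t")
        flows.append(Flow(ts, src, dst, proto.lower(), int(dport)))
    return flows


def unexpected_dns_destinations(flows, resolvers=CONFIGURED_RESOLVERS):
    """Return port-53 flows (udp or tcp) whose destination is not a configured resolver.

    Destinations are compared as IP objects so '8.8.8.8' and '008.8.8.8'-style
    variants do not slip past a string comparison.
    """
    allowed = {ipaddress.ip_address(r) for r in resolvers}
    return [
        f for f in flows
        if f.dport == 53 and ipaddress.ip_address(f.dst) not in allowed
    ]


def summarise(hits):
    """Collapse hits to one count per rogue destination for the analyst."""
    counts = {}
    for f in hits:
        counts[f.dst] = counts.get(f.dst, 0) + 1
    return counts


if __name__ == "__main__":
    hits = unexpected_dns_destinations(parse_conn_lines(SAMPLE_LOG))
    for f in hits:
        print(f"{f.ts} {f.src} -> {f.dst} {f.proto}/{f.dport}")
    print(summarise(hits))
```

The TCP/53 flow is kept deliberately: DNS over TCP to an unknown host is the more suspicious of the two, since tunnelling tools fall back to it when responses exceed the UDP size. The 8.8.8.8 hit shows the signature's main source of noise; decide per environment whether public resolvers belong in the allow-list.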
