58206ebc105a3e9fd020a34d96f3ae96d50d6a67bfd93ecf811c2fc751df552b | Triage

Submit
Reports

Overview

overview

8

Static

static

58206ebc10...2b.exe

windows7-x64

8

58206ebc10...2b.exe

windows10-2004-x64

8

Sharing

General

Target

58206ebc105a3e9fd020a34d96f3ae96d50d6a67bfd93ecf811c2fc751df552b
Size

234KB
Sample

221020-kqmknaebfm
MD5

8185a6ceee47c01a5eb34771651ebfa0
SHA1

24f928022d793c6ba355bfe379bc7ca96cc7b15b
SHA256

58206ebc105a3e9fd020a34d96f3ae96d50d6a67bfd93ecf811c2fc751df552b
SHA512

ba65967e3c6b6a7e2d4712e8a82eb586b19a7d7c967f37b2b1a8a452b7a1ef609d5c4c56fd24faa356e0953cb0c07f5e1f0699ffb90108bb90695047d14b6b0e
SSDEEP

3072:aSNFPJgA32Wrd8WfbrGXfpMZflpEgYWXV31Xt6NyCJllbAxRIwRS3Kueu:a2Rg3zwfgUXt1d6NyCJlhAxRIjveu

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

58206ebc105a3e9fd020a34d96f3ae96d50d6a67bfd93ecf811c2fc751df552b.exe

Resource

win7-20220901-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

58206ebc105a3e9fd020a34d96f3ae96d50d6a67bfd93ecf811c2fc751df552b.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

10 signatures

150 seconds

Malware Config

Targets

- Target
  
  58206ebc105a3e9fd020a34d96f3ae96d50d6a67bfd93ecf811c2fc751df552b
- Size
  
  234KB
- MD5
  
  8185a6ceee47c01a5eb34771651ebfa0
- SHA1
  
  24f928022d793c6ba355bfe379bc7ca96cc7b15b
- SHA256
  
  58206ebc105a3e9fd020a34d96f3ae96d50d6a67bfd93ecf811c2fc751df552b
- SHA512
  
  ba65967e3c6b6a7e2d4712e8a82eb586b19a7d7c967f37b2b1a8a452b7a1ef609d5c4c56fd24faa356e0953cb0c07f5e1f0699ffb90108bb90695047d14b6b0e
- SSDEEP
  
  3072:aSNFPJgA32Wrd8WfbrGXfpMZflpEgYWXV31Xt6NyCJllbAxRIwRS3Kueu:a2Rg3zwfgUXt1d6NyCJlhAxRIjveu
Score

8^/10

persistence
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy