General

  • Target

    6275e9ccf3468da0cb52c14bbc99a49a3f4f214bac31557717554605a6ce636d

  • Size

    206KB

  • Sample

    221029-2h56gaaac3

  • MD5

    84b895cea9e5b535934d9dc300973710

  • SHA1

    2da8f8a41d85c6782b0f16b8c0e5f5bcdfbf73b3

  • SHA256

    6275e9ccf3468da0cb52c14bbc99a49a3f4f214bac31557717554605a6ce636d

  • SHA512

    2bcc67e8ac77f36d10a62376bfdd81b5ce295bc0c7df0630302115635a660e18642c8347bcb73feb079504559726772c0e2f9798e28572b2e9028b329395e266

  • SSDEEP

    3072:2fd4Plqrl4wk4vY2lZPRySGONz0k2ZTFy4eLdfd9DdapvyEq:zJwbvtlZr9N0DJYBLdBap/

Score
8/10

Malware Config

Targets

    • Target

      6275e9ccf3468da0cb52c14bbc99a49a3f4f214bac31557717554605a6ce636d

    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks