638f5bd371b26fc92b2a5c055efc0559863f98b6704491645152f7bb4bea3134 | Triage

Submit
Reports

Overview

overview

Static

static

638f5bd371...34.exe

windows7-x64

638f5bd371...34.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

638f5bd371b26fc92b2a5c055efc0559863f98b6704491645152f7bb4bea3134
Size

179KB
Sample

221029-2hw8kaaaa8
MD5

57bc15f84101b16ba65e99d439c88911
SHA1

3c37980bc5bbb4ea73ad2d94deba83d605fe2355
SHA256

638f5bd371b26fc92b2a5c055efc0559863f98b6704491645152f7bb4bea3134
SHA512

bc736bd11337c676316c47be0a8bb909f3f917f375c0227937540735666431798c72ef5eb20ec4c85369b68ffe779d15b8509dbdff71d2900ba9beb52be4f5f3
SSDEEP

3072:Nr1zIJWcbG62WVaJbyT4+sZCOW2BH8Id/n6g5fXxhDYpNKQ2HtD8hSsM:F1fEQb04+sZCn2BH82n6ILdQ2WA

Score

10^/10

evasion

Static task

static1

Behavioral task

behavioral1

Sample

638f5bd371b26fc92b2a5c055efc0559863f98b6704491645152f7bb4bea3134.exe

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

638f5bd371b26fc92b2a5c055efc0559863f98b6704491645152f7bb4bea3134.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  638f5bd371b26fc92b2a5c055efc0559863f98b6704491645152f7bb4bea3134
- Size
  
  179KB
- MD5
  
  57bc15f84101b16ba65e99d439c88911
- SHA1
  
  3c37980bc5bbb4ea73ad2d94deba83d605fe2355
- SHA256
  
  638f5bd371b26fc92b2a5c055efc0559863f98b6704491645152f7bb4bea3134
- SHA512
  
  bc736bd11337c676316c47be0a8bb909f3f917f375c0227937540735666431798c72ef5eb20ec4c85369b68ffe779d15b8509dbdff71d2900ba9beb52be4f5f3
- SSDEEP
  
  3072:Nr1zIJWcbG62WVaJbyT4+sZCOW2BH8Id/n6g5fXxhDYpNKQ2HtD8hSsM:F1fEQb04+sZCn2BH82n6ILdQ2WA
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Modifies security service
  evasion
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy