General

  • Target

    bdbabd94ec7847b09960a4531f245092442fc1f722f6d4bfa5dffc6a675e68a7

  • Size

    137KB

  • Sample

    221030-pb49dabaep

  • MD5

    92cefcf1f658a903e80beb38ae361fd0

  • SHA1

    c12a3fa31ad0ec87d6535dfc95870d62165da938

  • SHA256

    bdbabd94ec7847b09960a4531f245092442fc1f722f6d4bfa5dffc6a675e68a7

  • SHA512

    963d37e5d9a110fbd01a5e4357919d3411d615ddafe5167fe77ef65e5995fea90bc35544b520760b95597bc327e3cb01246145c44817a7eb8ea2220cba725eaa

  • SSDEEP

    3072:6iQcB3w833JUL8axhnwZgcLp3f5O8buZItfA0uzmBtHZ//JmSDy/:61cZZuhhnhcLdw8mI1Ruzm7Z86

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks