c23ce16d883e51f851dbbcb25f202736829e022943471d93133010a56fb63161 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c23ce16d883e51f851dbbcb25f202736829e022943471d93133010a56fb63161
Size

107KB
Sample

221030-vx8rkscffm
MD5

82bf16d00bf8e3e2e8630d45131a7c30
SHA1

299530d9435884f58b12836da7c8d4b4cde414cf
SHA256

c23ce16d883e51f851dbbcb25f202736829e022943471d93133010a56fb63161
SHA512

bdc94097ee697c8f88b4ca73dabd4c8de30d23cf25c04fda3d7e55dda82cff6ceb7781c23dcf127050ec08397cd6f62f01ff6cd0b91ffeef486ade7b24e27077
SSDEEP

3072:8zecKgDUUYEYY49rQ5knbV2stF11+vzx4:8zeIkmcbttF1d

Score

8^/10

Malware Config

Targets

- Target
  
  c23ce16d883e51f851dbbcb25f202736829e022943471d93133010a56fb63161
- Size
  
  107KB
- MD5
  
  82bf16d00bf8e3e2e8630d45131a7c30
- SHA1
  
  299530d9435884f58b12836da7c8d4b4cde414cf
- SHA256
  
  c23ce16d883e51f851dbbcb25f202736829e022943471d93133010a56fb63161
- SHA512
  
  bdc94097ee697c8f88b4ca73dabd4c8de30d23cf25c04fda3d7e55dda82cff6ceb7781c23dcf127050ec08397cd6f62f01ff6cd0b91ffeef486ade7b24e27077
- SSDEEP
  
  3072:8zecKgDUUYEYY49rQ5knbV2stF11+vzx4:8zeIkmcbttF1d
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2