General

  • Target: 5d3da99d1572a53fa1d5b8072aa0f156350771e16afa4c8beb2baa340cb910df

  • Size: 160KB

  • Sample: 221106-kp4sjsegfn

  • MD5: 09cad50202d20b015ea470b8544312f5

  • SHA1: b63b87624dd1ea24e84e157d21c295de36f8548a

  • SHA256: 5d3da99d1572a53fa1d5b8072aa0f156350771e16afa4c8beb2baa340cb910df

  • SHA512: 5f3878e86980703f3c27e5af3baa934f6b65e99d7a581470dface29f8c25abc6110143813b6e71f367690bd3603d2cf48b8984eab62f6477c090b94cc3545504

  • SSDEEP: 3072:2t0w5TQJkhQZU8YNLXXD6ZUIBBiqNAD5r0/sACvbEwC9A:2htQJKjLXWiIB0qSD+UASbx/

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks