dd6f813ce984c0358a0dc7dc0ab8b35b79464ed4421759cb9fddd3537b03b55d | Triage

Submit
Reports

Overview

overview

8

Static

static

dd6f813ce9...5d.exe

windows7-x64

8

dd6f813ce9...5d.exe

windows10-2004-x64

8

Sharing

General

Target

dd6f813ce984c0358a0dc7dc0ab8b35b79464ed4421759cb9fddd3537b03b55d
Size

140KB
Sample

221107-l2whdadcdk
MD5

0c4f821f328330e874ab8f1e872ab075
SHA1

264e246849aefb4e9db60f63a759f82f0223e5a2
SHA256

dd6f813ce984c0358a0dc7dc0ab8b35b79464ed4421759cb9fddd3537b03b55d
SHA512

35ecec7ce81ee28b5783e176a8dcf6819fa369283935693895ea4b55ce418ad13f7e33a9548ce60058f6f9bc4508be14dcc04404a25c70de8cb0d2a23a959705
SSDEEP

3072:cP1Ozm93KaKzsJvFH4AEwszXV6LKt1d+NYPVNG5gBejCR5pynaD3Qv:cP8z8KaKQXH3Ewsh6S1UWPz3BejCAnaW

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

dd6f813ce984c0358a0dc7dc0ab8b35b79464ed4421759cb9fddd3537b03b55d.exe

Resource

win7-20220901-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

dd6f813ce984c0358a0dc7dc0ab8b35b79464ed4421759cb9fddd3537b03b55d.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  dd6f813ce984c0358a0dc7dc0ab8b35b79464ed4421759cb9fddd3537b03b55d
- Size
  
  140KB
- MD5
  
  0c4f821f328330e874ab8f1e872ab075
- SHA1
  
  264e246849aefb4e9db60f63a759f82f0223e5a2
- SHA256
  
  dd6f813ce984c0358a0dc7dc0ab8b35b79464ed4421759cb9fddd3537b03b55d
- SHA512
  
  35ecec7ce81ee28b5783e176a8dcf6819fa369283935693895ea4b55ce418ad13f7e33a9548ce60058f6f9bc4508be14dcc04404a25c70de8cb0d2a23a959705
- SSDEEP
  
  3072:cP1Ozm93KaKzsJvFH4AEwszXV6LKt1d+NYPVNG5gBejCR5pynaD3Qv:cP8z8KaKQXH3Ewsh6S1UWPz3BejCAnaW
Score

8^/10

persistence
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy