3bb7488b024edf7e43077d5cb0fd0a54383a1edcbe0a87b9179d07be43d5db74 | Triage

Submit
Reports

Overview

overview

8

Static

static

3bb7488b02...74.exe

windows7-x64

8

3bb7488b02...74.exe

windows10-2004-x64

8

Sharing

General

Target

3bb7488b024edf7e43077d5cb0fd0a54383a1edcbe0a87b9179d07be43d5db74
Size

173KB
Sample

221123-2rv2vsdg2y
MD5

5e49c21ee04cbcb3b1b3b1cff0e947eb
SHA1

49f617d79ebbde8adcbab5ad9216ee2c41fe5e66
SHA256

3bb7488b024edf7e43077d5cb0fd0a54383a1edcbe0a87b9179d07be43d5db74
SHA512

8071416fc2594f4a996cef0038613f5da83e96eecec95ff336b6df3857cde389112545e262b97683799b0c500ac3484b61cad0e67619bb6a518311472e52d71e
SSDEEP

3072:wCx/G2TajiYb47TapvObqHgrJjgz3iN/lDnuWNVoarljuPzYoTP3VlVAAV8:w4/G14XaaqEdgbiNp/LoaJjwYozllVV

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

3bb7488b024edf7e43077d5cb0fd0a54383a1edcbe0a87b9179d07be43d5db74.exe

Resource

win7-20220901-en

windows7-x64

13 signatures

150 seconds

Behavioral task

behavioral2

Sample

3bb7488b024edf7e43077d5cb0fd0a54383a1edcbe0a87b9179d07be43d5db74.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  3bb7488b024edf7e43077d5cb0fd0a54383a1edcbe0a87b9179d07be43d5db74
- Size
  
  173KB
- MD5
  
  5e49c21ee04cbcb3b1b3b1cff0e947eb
- SHA1
  
  49f617d79ebbde8adcbab5ad9216ee2c41fe5e66
- SHA256
  
  3bb7488b024edf7e43077d5cb0fd0a54383a1edcbe0a87b9179d07be43d5db74
- SHA512
  
  8071416fc2594f4a996cef0038613f5da83e96eecec95ff336b6df3857cde389112545e262b97683799b0c500ac3484b61cad0e67619bb6a518311472e52d71e
- SSDEEP
  
  3072:wCx/G2TajiYb47TapvObqHgrJjgz3iN/lDnuWNVoarljuPzYoTP3VlVAAV8:w4/G14XaaqEdgbiNp/LoaJjwYozllVV
Score

8^/10

persistence
- Executes dropped EXE
- Registers COM server for autorun
  persistence
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy