af6b9996bed579e1e495631c5198cdba2c5e670ba44f556d8f20da0bebb0c858 | Triage

Sharing

General

Target

af6b9996bed579e1e495631c5198cdba2c5e670ba44f556d8f20da0bebb0c858
Size

1.3MB
Sample

221123-mmpxqaee26
MD5

69d16d4a568445c4eee710387c346a66
SHA1

07fc9ebdffcc1399de77c41bda7d9c23914edba2
SHA256

af6b9996bed579e1e495631c5198cdba2c5e670ba44f556d8f20da0bebb0c858
SHA512

52ade3277ae68f5488ece5491b2b957640653c06d72bc13dd07e9beadba0115d58c50bd4d3155a0b7335e32f93604616e62dbe4362452077631346bb112552db
SSDEEP

24576:TrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPakJ:TrKo4ZwCOnYjVmJPae

Score

7^/10

Malware Config

Targets

- Target
  
  af6b9996bed579e1e495631c5198cdba2c5e670ba44f556d8f20da0bebb0c858
- Size
  
  1.3MB
- MD5
  
  69d16d4a568445c4eee710387c346a66
- SHA1
  
  07fc9ebdffcc1399de77c41bda7d9c23914edba2
- SHA256
  
  af6b9996bed579e1e495631c5198cdba2c5e670ba44f556d8f20da0bebb0c858
- SHA512
  
  52ade3277ae68f5488ece5491b2b957640653c06d72bc13dd07e9beadba0115d58c50bd4d3155a0b7335e32f93604616e62dbe4362452077631346bb112552db
- SSDEEP
  
  24576:TrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPakJ:TrKo4ZwCOnYjVmJPae
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2