7a423c64e6899608ab1543d7e896a57ae98829f43d99ca43d87d9994d8693fe0 | Triage

Sharing

General

Target

7a423c64e6899608ab1543d7e896a57ae98829f43d99ca43d87d9994d8693fe0
Size

1.5MB
Sample

221123-n8b4esaf96
MD5

d99bcab9ccc8de415bf57ae8f595f6de
SHA1

d91160c99b2b5412cf84546ad62d366f03afe4a5
SHA256

7a423c64e6899608ab1543d7e896a57ae98829f43d99ca43d87d9994d8693fe0
SHA512

6164106eb14d4b9efc48a8bd443bd3620b9a0bdbfc8eca504d00a1dae959cf2235d20b4d5e68315a4c52971ce6a975b2b248142462268ad18f3739fe471e7e23
SSDEEP

24576:OzD5urNhRWx2Mk4JJQByw7Imlq3g495S0PwbphrpgXXOZuv/rTWeR5j4UwJZQUYv:26/ye0PIphrp9Zuvjqa0Uid4

Score

7^/10

Malware Config

Targets

- Target
  
  7a423c64e6899608ab1543d7e896a57ae98829f43d99ca43d87d9994d8693fe0
- Size
  
  1.5MB
- MD5
  
  d99bcab9ccc8de415bf57ae8f595f6de
- SHA1
  
  d91160c99b2b5412cf84546ad62d366f03afe4a5
- SHA256
  
  7a423c64e6899608ab1543d7e896a57ae98829f43d99ca43d87d9994d8693fe0
- SHA512
  
  6164106eb14d4b9efc48a8bd443bd3620b9a0bdbfc8eca504d00a1dae959cf2235d20b4d5e68315a4c52971ce6a975b2b248142462268ad18f3739fe471e7e23
- SSDEEP
  
  24576:OzD5urNhRWx2Mk4JJQByw7Imlq3g495S0PwbphrpgXXOZuv/rTWeR5j4UwJZQUYv:26/ye0PIphrp9Zuvjqa0Uid4
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2