89346f2b6c8a5e4d76ee2c4b4e0b800031efcd14f4f3ad0500a8d558cd0935f6 | Triage

Sharing

General

Target

89346f2b6c8a5e4d76ee2c4b4e0b800031efcd14f4f3ad0500a8d558cd0935f6
Size

1.2MB
Sample

221123-nqwp4she33
MD5

b2138844c760675e63f53c42f9c86445
SHA1

908526b99270b0573cb989f14a3fbd7a4f0b10be
SHA256

89346f2b6c8a5e4d76ee2c4b4e0b800031efcd14f4f3ad0500a8d558cd0935f6
SHA512

cbe5b27632f3626131cb9dd249bf182d02f21a3b8f37a34e13e5dd8083e7e231354271825717de06925dd11cc875a26e47a61d8c8cce5c8197f2c7053e5d3736
SSDEEP

12288:NSGxzDKw6w2qa3LgMc8SLFDY/8LeS2899E7D3AYNACMzb7noKcxl4B6obXWRAfbh:Mxw8wFDY3wE3wY6cxI6gWUbIwMLHf/4

Score

7^/10

Malware Config

Targets

- Target
  
  89346f2b6c8a5e4d76ee2c4b4e0b800031efcd14f4f3ad0500a8d558cd0935f6
- Size
  
  1.2MB
- MD5
  
  b2138844c760675e63f53c42f9c86445
- SHA1
  
  908526b99270b0573cb989f14a3fbd7a4f0b10be
- SHA256
  
  89346f2b6c8a5e4d76ee2c4b4e0b800031efcd14f4f3ad0500a8d558cd0935f6
- SHA512
  
  cbe5b27632f3626131cb9dd249bf182d02f21a3b8f37a34e13e5dd8083e7e231354271825717de06925dd11cc875a26e47a61d8c8cce5c8197f2c7053e5d3736
- SSDEEP
  
  12288:NSGxzDKw6w2qa3LgMc8SLFDY/8LeS2899E7D3AYNACMzb7noKcxl4B6obXWRAfbh:Mxw8wFDY3wE3wY6cxI6gWUbIwMLHf/4
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2