General

  • Target

    4428a4560869f2ba9fd7a0b53100e55d374dbbfd914df2ba63134070cbcc81ef

  • Size

    171KB

  • Sample

    221123-rs8z1acd8x

  • MD5

    87d6530bf4b6cf6efdee9646c0dd4275

  • SHA1

    fc4038e30967b59e569a62efa8d4d941e522a65a

  • SHA256

    4428a4560869f2ba9fd7a0b53100e55d374dbbfd914df2ba63134070cbcc81ef

  • SHA512

    f5c5753a494062f6b76c0fc60781331f8f9058fd0e52255f82b3d47f083dcd21b2d0fe5fd4d7a0e7db3bbae5f7fe3794362fd45e94a5d575b52e564548361ff7

  • SSDEEP

    3072:3/SI4Xl4p/KYR0IJK4PIw3tHezHe9Mau3AZ5mz7HNrFvy+KIGLXhbsw:u4k74fFu3A7qh34Dhbs

Score
8/10

Malware Config

Targets

    • Target

      4428a4560869f2ba9fd7a0b53100e55d374dbbfd914df2ba63134070cbcc81ef

    • Size

      171KB

    • MD5

      87d6530bf4b6cf6efdee9646c0dd4275

    • SHA1

      fc4038e30967b59e569a62efa8d4d941e522a65a

    • SHA256

      4428a4560869f2ba9fd7a0b53100e55d374dbbfd914df2ba63134070cbcc81ef

    • SHA512

      f5c5753a494062f6b76c0fc60781331f8f9058fd0e52255f82b3d47f083dcd21b2d0fe5fd4d7a0e7db3bbae5f7fe3794362fd45e94a5d575b52e564548361ff7

    • SSDEEP

      3072:3/SI4Xl4p/KYR0IJK4PIw3tHezHe9Mau3AZ5mz7HNrFvy+KIGLXhbsw:u4k74fFu3A7qh34Dhbs

    Score
    8/10

    • Executes dropped EXE

    • Deletes itself

    • Unexpected DNS network traffic destination

      Traffic on the DNS port (53) was sent to servers other than the DNS servers configured for the analysis environment.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
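
The "Unexpected DNS network traffic destination" signature above is a plain allow-list check: any flow to port 53 whose destination is not one of the resolvers the analysis VM was configured with is flagged. The following is an added example of that heuristic, not code from the sandbox or from this report. The configured resolver addresses, the Zeek-style conn.log lines and the hypothetical flow records are all constructed for illustration; the sample's real traffic is not shown on this page.

```python
"""Flag DNS-port traffic that bypasses the configured resolvers.

Added example, not part of the sandbox report: implements the heuristic
behind the "Unexpected DNS network traffic destination" signature over a
few constructed Zeek-style conn.log lines.
"""
import ipaddress

# Assumption: the analysis VM was configured with these resolvers.
CONFIGURED_DNS = {"8.8.8.8", "8.8.4.4"}

DNS_PORT = 53

# Constructed sample flows, tab-separated:
# ts, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto
SAMPLE_CONN_LOG = """\
1669180001.100\t10.127.0.5\t51512\t8.8.8.8\t53\tudp
1669180001.250\t10.127.0.5\t51513\t8.8.4.4\t53\tudp
1669180002.900\t10.127.0.5\t51514\t203.0.113.77\t53\tudp
1669180003.010\t10.127.0.5\t49200\t203.0.113.77\t443\ttcp
1669180004.500\t10.127.0.5\t51515\t198.51.100.9\t53\ttcp
1669180005.000\t10.127.0.5\t51516\t2001:db8::53\t53\tudp
garbage line that should be skipped
"""


def parse_conn_log(text):
    """Yield (orig_h, resp_h, resp_p, proto) tuples, skipping malformed lines."""
    for line in text.splitlines():
        fields = line.split("\t")
        if len(fields) != 6:
            continue
        _ts, orig_h, _orig_p, resp_h, resp_p, proto = fields
        try:
            yield orig_h, ipaddress.ip_address(resp_h), int(resp_p), proto.lower()
        except ValueError:
            # Unparseable address or port: ignore rather than abort the scan.
            continue


def unexpected_dns_destinations(text, configured_dns=CONFIGURED_DNS):
    """Return sorted unique (resp_h, proto) pairs for port-53 traffic that
    did not go to a configured resolver.

    Both UDP and TCP are considered: DNS itself, and tunnelling over it,
    may use either transport, so restricting to UDP would miss TCP/53.
    """
    allowed = {ipaddress.ip_address(a) for a in configured_dns}
    hits = set()
    for _orig_h, resp_h, resp_p, proto in parse_conn_log(text):
        if resp_p == DNS_PORT and proto in ("udp", "tcp") and resp_h not in allowed:
            hits.add((str(resp_h), proto))
    return sorted(hits)


def triggers_signature(text, configured_dns=CONFIGURED_DNS):
    """True when at least one flow would raise the signature."""
    return bool(unexpected_dns_destinations(text, configured_dns))


if __name__ == "__main__":
    for dst, proto in unexpected_dns_destinations(SAMPLE_CONN_LOG):
        print(f"unexpected DNS destination: {dst}/{proto}")
```

Note that the check compares destination addresses, not payload: a flow to an unexpected host on port 53 is flagged even if it carries no DNS at all, and DNS carried on a non-standard port is not seen by this rule. That is why the signature is an indicator to triage alongside the others listed for this target, not proof of a resolver bypass on its own.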

MITRE ATT&CK Matrix

Tasks