e5d4f43bd4600bb0a4769b030ceeb46a4bd757ab358e8d5d21c9a352d8e65602 | Triage

Sharing

General

Target

e5d4f43bd4600bb0a4769b030ceeb46a4bd757ab358e8d5d21c9a352d8e65602
Size

1.3MB
Sample

221124-mdgvrabb51
MD5

7dbce420e3f7de3d39b02fc682b3e8bd
SHA1

ef0a960179361d6ec27736e3f9198459cde6daed
SHA256

e5d4f43bd4600bb0a4769b030ceeb46a4bd757ab358e8d5d21c9a352d8e65602
SHA512

fc2930532c369b38331cb751fa0c4ec35fc119a41aec7b56807b3c4c9d0a99854a437ffdff5ef4c0b4c3b33e40d1c5c7bbf9763066f3339b2a59970ccfb5a2cf
SSDEEP

24576:7rKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPak:7rKo4ZwCOnYjVmJPa

Score

7^/10

Malware Config

Targets

- Target
  
  e5d4f43bd4600bb0a4769b030ceeb46a4bd757ab358e8d5d21c9a352d8e65602
- Size
  
  1.3MB
- MD5
  
  7dbce420e3f7de3d39b02fc682b3e8bd
- SHA1
  
  ef0a960179361d6ec27736e3f9198459cde6daed
- SHA256
  
  e5d4f43bd4600bb0a4769b030ceeb46a4bd757ab358e8d5d21c9a352d8e65602
- SHA512
  
  fc2930532c369b38331cb751fa0c4ec35fc119a41aec7b56807b3c4c9d0a99854a437ffdff5ef4c0b4c3b33e40d1c5c7bbf9763066f3339b2a59970ccfb5a2cf
- SSDEEP
  
  24576:7rKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPak:7rKo4ZwCOnYjVmJPa
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2