029f92d74688386ec22a122a2fba9a64c550f4fa679c31027112c3a3f8f0ee23 | Triage

Sharing

General

Target

029f92d74688386ec22a122a2fba9a64c550f4fa679c31027112c3a3f8f0ee23
Size

1.3MB
Sample

221124-tskzaaeh22
MD5

e1eb975f2a5c8127c5ecdbdfb39881f2
SHA1

b163a999f32bd2e1aac7c8b21f3e77aa05fd0091
SHA256

029f92d74688386ec22a122a2fba9a64c550f4fa679c31027112c3a3f8f0ee23
SHA512

88969a957c533393dbf392d6406d6d0f393918a047ef8edd2869c1deab427f95524fe89ae66386de8c346560f29bb3f2c04ceede82b82982a061bdc55b333777
SSDEEP

24576:jrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPakm:jrKo4ZwCOnYjVmJPah

Score

7^/10

Malware Config

Targets

- Target
  
  029f92d74688386ec22a122a2fba9a64c550f4fa679c31027112c3a3f8f0ee23
- Size
  
  1.3MB
- MD5
  
  e1eb975f2a5c8127c5ecdbdfb39881f2
- SHA1
  
  b163a999f32bd2e1aac7c8b21f3e77aa05fd0091
- SHA256
  
  029f92d74688386ec22a122a2fba9a64c550f4fa679c31027112c3a3f8f0ee23
- SHA512
  
  88969a957c533393dbf392d6406d6d0f393918a047ef8edd2869c1deab427f95524fe89ae66386de8c346560f29bb3f2c04ceede82b82982a061bdc55b333777
- SSDEEP
  
  24576:jrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPakm:jrKo4ZwCOnYjVmJPah
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2