7ec4586db876bcb5acf814ffa0cf8b28a3d17083eccaca85816197772cd8af80 | Triage

Sharing

General

Target

7ec4586db876bcb5acf814ffa0cf8b28a3d17083eccaca85816197772cd8af80
Size

1.3MB
Sample

221124-yb5pksed43
MD5

1578d2047b23428ffef7ae895b3865e4
SHA1

04966d9fabd6126f52bb3795db524255a456b8c2
SHA256

7ec4586db876bcb5acf814ffa0cf8b28a3d17083eccaca85816197772cd8af80
SHA512

f1aa90cb0db6f66895298f1b8860570e897cbbe4a74cff52a7d5397c61760ae00936a3d9de19102178b4fd4cdfd31ca6e82500c3e0b8a18f7f97162b3c9ad772
SSDEEP

24576:zrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPak+:zrKo4ZwCOnYjVmJPa5

Score

7^/10

Malware Config

Targets

- Target
  
  7ec4586db876bcb5acf814ffa0cf8b28a3d17083eccaca85816197772cd8af80
- Size
  
  1.3MB
- MD5
  
  1578d2047b23428ffef7ae895b3865e4
- SHA1
  
  04966d9fabd6126f52bb3795db524255a456b8c2
- SHA256
  
  7ec4586db876bcb5acf814ffa0cf8b28a3d17083eccaca85816197772cd8af80
- SHA512
  
  f1aa90cb0db6f66895298f1b8860570e897cbbe4a74cff52a7d5397c61760ae00936a3d9de19102178b4fd4cdfd31ca6e82500c3e0b8a18f7f97162b3c9ad772
- SSDEEP
  
  24576:zrKqlGCPcJKwybUDwEZZODYmR9G+gnbkk6XRJfe3DqYO/KpLwFfngWX4VmJPak+:zrKo4ZwCOnYjVmJPa5
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2