General

  • Target

    947192c7d7cb519623b3cdd2b610a217d05ecb1c084d848c85e7a5f414e03860

  • Size

    231KB

  • Sample

    221129-ftfjascb5v

  • MD5

    68e24cfa291ff9b4f989115e529c32f1

  • SHA1

    8ecd33327ed3c563dda198ff36bf6738c7a4d840

  • SHA256

    947192c7d7cb519623b3cdd2b610a217d05ecb1c084d848c85e7a5f414e03860

  • SHA512

    92cd5436d97eae8c0c00b95bc8881a0ab78eaf1432894503cd47235f650e9ad6dd070a4ddaf874f31b2a9b289259132e66ffc0f40cd1fe1e87ad1ef18a17b910

  • SSDEEP

    6144:xwvGocGmWdsmXbziB/Qn3yqEvNmrlbCQ/ro/M/bLA:xYGo5mWamX/W/QnCbQhT1I

Score
10/10

Malware Config

Targets

    • Modifies firewall policy service

    • Modifies security service

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port to servers other than the configured DNS servers was detected.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks