Overview

overview

10

Static

static

88202ffc8a...8c.exe

windows7-x64

10

88202ffc8a...8c.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    88202ffc8a1869c198cfdbddd57ccb7e6a47b2b19c685e2cd04e708202ad318c

  • Size

    316KB

  • Sample

    221201-b1ajeacf66

  • MD5

    35c6236fdf757ab70d1d942fc9e9ee4c

  • SHA1

    2498729c2a29415c512738d9f0671a0443b45dd1

  • SHA256

    88202ffc8a1869c198cfdbddd57ccb7e6a47b2b19c685e2cd04e708202ad318c

  • SHA512

    70716424bad57b1db1c03972323459e5cb62afc83e910bb79b8fb554f5211677961f2f50b3b641a917172666782cdd305f5b999e2e2e26561c487585f4b6e2d7

  • SSDEEP

    6144:D/Bx3dwED1iFdv0hzfFDeuS9SvEcfGr+3XKohgvCwYim:D/r36cydbL9S/y+3XK5vCh

Score
10/10
evasion

Malware Config

Targets

    • Target

      88202ffc8a1869c198cfdbddd57ccb7e6a47b2b19c685e2cd04e708202ad318c

    • Size

      316KB

    • MD5

      35c6236fdf757ab70d1d942fc9e9ee4c

    • SHA1

      2498729c2a29415c512738d9f0671a0443b45dd1

    • SHA256

      88202ffc8a1869c198cfdbddd57ccb7e6a47b2b19c685e2cd04e708202ad318c

    • SHA512

      70716424bad57b1db1c03972323459e5cb62afc83e910bb79b8fb554f5211677961f2f50b3b641a917172666782cdd305f5b999e2e2e26561c487585f4b6e2d7

    • SSDEEP

      6144:D/Bx3dwED1iFdv0hzfFDeuS9SvEcfGr+3XKohgvCwYim:D/r36cydbL9S/y+3XK5vCh

    Score
    10/10
    evasion

    • Modifies firewall policy service

      evasion

    • Modifies security service

      evasion

    • Disables taskbar notifications via registry modification

      evasion

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks