General

  • Target

    7483fb512cd6d3f1e24cfb334cac2c68881c0eaec45891519f0537b57c3a4047

  • Size

    197KB

  • Sample

    221201-dymgasea5x

  • MD5

    edb3d9d639798e0cc6525f602ec9c477

  • SHA1

    0adcf3c50d9d134f9262dd468d7006accd204465

  • SHA256

    7483fb512cd6d3f1e24cfb334cac2c68881c0eaec45891519f0537b57c3a4047

  • SHA512

    9bcf6421da7e01c453841b859a373d77cd0b3d0c2347dffcdbdcc5e4175907e6dc7062330278d549266901e6ad411c0466c8d7e12d0fd3d60c95d0999c3f152f

  • SSDEEP

    3072:n950CzczUVf9fasGTqlfxn1PB5ET5XjGAtUbYGdbSxofc+bs0R3:95FIzUVf9fKq5x1p5ElKAOnIh+o63

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks