7075443ef89205edb3ff4ba66ebba7f08bb1e0bd5b91ae2a77c35336b282328d | Triage

Sharing

General

Target

7075443ef89205edb3ff4ba66ebba7f08bb1e0bd5b91ae2a77c35336b282328d
Size

44KB
Sample

221201-dyv4faea7t
MD5

3fcc4f9ac351a2d0895f8107e03d8d60
SHA1

3669b92cd54b0920db21c5e47cff58ccedff0360
SHA256

7075443ef89205edb3ff4ba66ebba7f08bb1e0bd5b91ae2a77c35336b282328d
SHA512

019306ba90c88604b8229cdcf1a1393be77fcfdd5652263f14dda871f2e6590d021beb19460bf070f2d701049be485837b74c06edbb68d41af7ce6737ad72bcd
SSDEEP

768:hN44lTtzFVww5zZ8kI7IOZKSJOLW0y0lKAdd:hN44lhzUw598k7o3J7zQKAdd

Score

7^/10

Malware Config

Targets

- Target
  
  7075443ef89205edb3ff4ba66ebba7f08bb1e0bd5b91ae2a77c35336b282328d
- Size
  
  44KB
- MD5
  
  3fcc4f9ac351a2d0895f8107e03d8d60
- SHA1
  
  3669b92cd54b0920db21c5e47cff58ccedff0360
- SHA256
  
  7075443ef89205edb3ff4ba66ebba7f08bb1e0bd5b91ae2a77c35336b282328d
- SHA512
  
  019306ba90c88604b8229cdcf1a1393be77fcfdd5652263f14dda871f2e6590d021beb19460bf070f2d701049be485837b74c06edbb68d41af7ce6737ad72bcd
- SSDEEP
  
  768:hN44lTtzFVww5zZ8kI7IOZKSJOLW0y0lKAdd:hN44lhzUw598k7o3J7zQKAdd
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Maps connected drives based on registry
  Disk information is often read in order to detect sandboxing environments.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2