ccf6ec1c89b83e79822244787498282c7183211b0d545ec47d333c34e4dc916d | Triage

Sharing

General

Target

ccf6ec1c89b83e79822244787498282c7183211b0d545ec47d333c34e4dc916d
Size

124KB
Sample

221201-v3sybafb7z
MD5

a7247982cd47e17c64d43fc4d32ab7ad
SHA1

f5df20fb78e6c3201737e3c747cac16cfe221413
SHA256

ccf6ec1c89b83e79822244787498282c7183211b0d545ec47d333c34e4dc916d
SHA512

8eac1871cbba79b9aa0b356a2eb1f658eb63e87fa83628f12d1455b14aaf721f8e04cec7e90e4b82bbfba186f65a368cf033b610dfa5e501d4b4e0eb85c667e4
SSDEEP

1536:/tPr2/kPKMonowh4ooFoNyhUICkT2rLtp4fNGtJ2d9DUMymuGFYp4Py+i6m6j+:/9PPnonoroomISrLtpgNXdyp6m6j+

Score

8^/10

Malware Config

Targets

- Target
  
  ccf6ec1c89b83e79822244787498282c7183211b0d545ec47d333c34e4dc916d
- Size
  
  124KB
- MD5
  
  a7247982cd47e17c64d43fc4d32ab7ad
- SHA1
  
  f5df20fb78e6c3201737e3c747cac16cfe221413
- SHA256
  
  ccf6ec1c89b83e79822244787498282c7183211b0d545ec47d333c34e4dc916d
- SHA512
  
  8eac1871cbba79b9aa0b356a2eb1f658eb63e87fa83628f12d1455b14aaf721f8e04cec7e90e4b82bbfba186f65a368cf033b610dfa5e501d4b4e0eb85c667e4
- SSDEEP
  
  1536:/tPr2/kPKMonowh4ooFoNyhUICkT2rLtp4fNGtJ2d9DUMymuGFYp4Py+i6m6j+:/9PPnonoroomISrLtpgNXdyp6m6j+
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2