General

  • Target

    bc313c466f85232c04f372c16b7888568266d48f02385c299f605d2f91ec7d21

  • Size

    332KB

  • Sample

    221203-g2gxrseh8s

  • MD5

    833c9c02449e5b52cfe1bce518444bbf

  • SHA1

    4161a6e4c89b2a61fdb0be806cffe64dca5c0227

  • SHA256

    bc313c466f85232c04f372c16b7888568266d48f02385c299f605d2f91ec7d21

  • SHA512

    bd1e2c516a79fd960bee2135c475ba1adeda15fd9ad91a99a59961bbfe8a28716cadf63ebdf71c84198b12ee78a2eb781dff3e942e79749e0b325d4924b26aa8

  • SSDEEP

    3072:DJNtFYcXJaDj3o4jjGRmaD/K3vUFORGgSSB:bjanGRmaD/KCqB

Score
8/10

Targets

    • Executes dropped EXE

    • Modifies Windows Firewall

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops file in System32 directory
