General

  • Target

    bf6b67a5df350e9cb6398099f4e686d4e56466b581ee9005bc04403732a3492c

  • Size

    188KB

  • Sample

    221203-gp3cyaea9y

  • MD5

    6da5ee660216c6913a367ce0bbebec5b

  • SHA1

    a6073969d46b2bc46121db1c5284ee5cab3b82c6

  • SHA256

    bf6b67a5df350e9cb6398099f4e686d4e56466b581ee9005bc04403732a3492c

  • SHA512

    179cf32e3ad980e3d3636743c19ad999b571aa46891305f625b9b8d745eca0c15dd015e0c7625c4746d0c8ed2613bdd77ed5176a46d5183934187dcfcca18895

  • SSDEEP

    3072:u2OJOuEEQfggvl/NpoCFKDLccIONBYQtyJ3rxXYRmJBUv4DWKj7Np+BfZhq:u4uagMbFncIODdy9towERG7KY

Score
8/10

Targets

    • Executes dropped EXE

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
