Overview

overview

10

Static

static

f437c7818b...97.dll

windows7-x64

10

f437c7818b...97.dll

windows10-2004-x64

8

Sharing

Copy URL Twitter E-mail

General

  • Target

    f437c7818bd92d5ba08b92a8dcadff6fd6748c697f73008cda42ec0951b2cd97

  • Size

    301KB

  • Sample

    221203-nbn2qaec59

  • MD5

    0536dcbd92c02cb8549e7b4d6f6d14e5

  • SHA1

    e9c32cb61487f786b5a741cd6002b8d186e0ee0b

  • SHA256

    f437c7818bd92d5ba08b92a8dcadff6fd6748c697f73008cda42ec0951b2cd97

  • SHA512

    e538e5df2d3d99575363fee9d72cd95b966f58bec777a78dda510eaa45c02cdf352dc7b4e913e781641f9568efe4b4881151100e366451cebf9c555e75b0081b

  • SSDEEP

    6144:TAUUyJ6UztVT59mxcVXdkr9EAa0szsBmVMM8/w:TAmVT6c/1Rf

Score
10/10
evasion

Malware Config

Targets

    • Target

      f437c7818bd92d5ba08b92a8dcadff6fd6748c697f73008cda42ec0951b2cd97

    • Size

      301KB

    • MD5

      0536dcbd92c02cb8549e7b4d6f6d14e5

    • SHA1

      e9c32cb61487f786b5a741cd6002b8d186e0ee0b

    • SHA256

      f437c7818bd92d5ba08b92a8dcadff6fd6748c697f73008cda42ec0951b2cd97

    • SHA512

      e538e5df2d3d99575363fee9d72cd95b966f58bec777a78dda510eaa45c02cdf352dc7b4e913e781641f9568efe4b4881151100e366451cebf9c555e75b0081b

    • SSDEEP

      6144:TAUUyJ6UztVT59mxcVXdkr9EAa0szsBmVMM8/w:TAmVT6c/1Rf

    Score
    10/10
    evasion

    • Modifies firewall policy service

      evasion

    • Modifies security service

      evasion

    • Disables taskbar notifications via registry modification

      evasion

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks