General

  • Target

    bba2c3d8217116ac1b19b6690f1f8f2fd085d1dda729a13bbb421f1895112acf

  • Size

    205KB

  • Sample

    221203-rm2czaca5z

  • MD5

    97bca49b880e8469049a0a0ff0001ce4

  • SHA1

    02091b1b4a72928e2085b5c2930bc94aae7f8783

  • SHA256

    bba2c3d8217116ac1b19b6690f1f8f2fd085d1dda729a13bbb421f1895112acf

  • SHA512

    2cb553dd529de9adec663cfcbc7881c62700d69da998fc9fa8dd8b8ddeb30f06cae6a0b93c15a8e0a8c67abcdbe6cd8c0840e0eebd7903398b4c8eaa9f64b4b3

  • SSDEEP

    3072:N7u3Xkhbxg725LqsPIXmheYlvlHj6osLNb/KR7EB+ZtIABJoIA:N7WiiKqsPIXmFf6NK7KWIATy

Score
8/10

Targets

    Score
    8/10

    • Executes dropped EXE

    • Registers COM server for autorun

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
