ba2bac6ee13b994faa5abb12c411666fa5f765c2e401eb5acb36a5ead3e44852 | Triage

Submit
Reports

Overview

overview

8

Static

static

ba2bac6ee1...52.exe

windows7-x64

8

ba2bac6ee1...52.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

ba2bac6ee13b994faa5abb12c411666fa5f765c2e401eb5acb36a5ead3e44852
Size

171KB
Sample

221203-rrxwcacd6y
MD5

8048c2407daf5357f8be87a3aea199ec
SHA1

a2f87bf8774080f4a3245d86a9bc774002aae913
SHA256

ba2bac6ee13b994faa5abb12c411666fa5f765c2e401eb5acb36a5ead3e44852
SHA512

856ba09a8c2032c446788ca7ad52aa9349b34d4ee6d174774a848c5260cc50b927432e60783de4dc97b2c2fe2b893742dfc50d06b5f4df68f09c7b74ff3285da
SSDEEP

3072:rQT7RtvboWoXN4VWx4A9OrDysXANb5wpZpv8zV4oY:UT7RpboWCP2ASpXm5w18zV3Y

Score

8^/10

Static task

static1

Behavioral task

behavioral1

Sample

ba2bac6ee13b994faa5abb12c411666fa5f765c2e401eb5acb36a5ead3e44852.exe

Resource

win7-20220812-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

ba2bac6ee13b994faa5abb12c411666fa5f765c2e401eb5acb36a5ead3e44852.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  ba2bac6ee13b994faa5abb12c411666fa5f765c2e401eb5acb36a5ead3e44852
- Size
  
  171KB
- MD5
  
  8048c2407daf5357f8be87a3aea199ec
- SHA1
  
  a2f87bf8774080f4a3245d86a9bc774002aae913
- SHA256
  
  ba2bac6ee13b994faa5abb12c411666fa5f765c2e401eb5acb36a5ead3e44852
- SHA512
  
  856ba09a8c2032c446788ca7ad52aa9349b34d4ee6d174774a848c5260cc50b927432e60783de4dc97b2c2fe2b893742dfc50d06b5f4df68f09c7b74ff3285da
- SSDEEP
  
  3072:rQT7RtvboWoXN4VWx4A9OrDysXANb5wpZpv8zV4oY:UT7RpboWCP2ASpXm5w18zV3Y
Score

8^/10
- Executes dropped EXE
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy