General

  • Target

    c1ee585fa63d520dcaac8f9ab1861f5ca610051213f45b1ad09d124c5cb49d86

  • Size

    34KB

  • Sample

    221203-ya1z1ahf59

  • MD5

    22433b312ce49b70b9f4e0faa6afcb48

  • SHA1

    021a92937aa884de83d8787a273e747c48d52c63

  • SHA256

    c1ee585fa63d520dcaac8f9ab1861f5ca610051213f45b1ad09d124c5cb49d86

  • SHA512

    7f6ccecdeabb503d8559e654530a8d2fb24e8511f5f7a13753ded6bbaaab2d5efb0eaa0726cb5958957fe247966bf2120e47cc5e86ddeef3a943739ab96d9a24

  • SSDEEP

    768:GwkBWuF+Wk5uMXYxiGmsox40ebUKAUdI2gQa5WND1QHQ:GBBWuFfw7YxitsoL/+mVYuw

Score
8/10

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext
