General

  • Target

    9d3eb7bef6e24be9a7e8c99bb04253d34a15d48c9b42f3f4a869b9feba8fb1f0

  • Size

    39KB

  • Sample

    221204-gpv9macc79

  • MD5

    ca505fc97b025e9d25487dea8e6bc0e2

  • SHA1

    53b79f9c2277a87b669dada2cf5166dde5308138

  • SHA256

    9d3eb7bef6e24be9a7e8c99bb04253d34a15d48c9b42f3f4a869b9feba8fb1f0

  • SHA512

    1f8df3b990f3a7a7e7bf4c082f1ac4ef2f63bcd5311460ace2de8cbfc7cdf8ddfb2affb34f0b4f6ea3dc2ed1b190d651b19d861c93e884a41bb77662ceb0bc46

  • SSDEEP

    768:30hvZ7K2gJSRzmKxBqg+9ZPba3QagR9DZGYVW6YXcTLNNi:kHSEHBq95XagR9lGYV/I

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks