General

  • Target

    a67466509d1358dce4897a5ef548ac09e6ff68e034061cb43d05e5d26aaf1a11

  • Size

    230KB

  • Sample

    221205-ga31xsef6w

  • MD5

    8c03e5de7dcf03cf433d3aad9834bb91

  • SHA1

    221ec9f7a94e64261d81a5ba3cf73989d934154b

  • SHA256

    a67466509d1358dce4897a5ef548ac09e6ff68e034061cb43d05e5d26aaf1a11

  • SHA512

    c9f8f5304b7102544dd8b74131af27c2a46bfec18bf15a96b3c8ccf2d0632ba356d5ba67550708da8505c5467582ce85fc8aa729a4435ed50389c455b0917ae2

  • SSDEEP

    6144:dqAxU7uHui6pWjwkOnbcYcftvAmuWPBxXdeI+xPT3g+jZ:JUhi6pWAbcY6BAr+bknrFN

Score
10/10
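Before working on a file that is supposed to be this sample, recompute its digests and compare them with the values listed above; a hash mismatch means you are analysing something else. The script below is an added example and is not part of the sandbox report. The MD5, SHA-1, SHA-256 and SHA-512 values are copied from the page; the placeholder bytes are constructed and are not the real sample; the SSDEEP fuzzy hash is left out because it needs the third-party ssdeep module rather than the standard library.

```python
import hashlib

# Digests copied from the report above.
REPORTED = {
    "md5": "8c03e5de7dcf03cf433d3aad9834bb91",
    "sha1": "221ec9f7a94e64261d81a5ba3cf73989d934154b",
    "sha256": "a67466509d1358dce4897a5ef548ac09e6ff68e034061cb43d05e5d26aaf1a11",
    "sha512": "c9f8f5304b7102544dd8b74131af27c2a46bfec18bf15a96b3c8ccf2d0632ba356d5ba67550708da8505c5467582ce85fc8aa729a4435ed50389c455b0917ae2",
}

# Constructed placeholder bytes (assumption: NOT the real sample, just something to run against).
CONSTRUCTED_SAMPLE = b"MZ" + b"\x00" * 62 + b"placeholder, not the reported sample"

DIGESTS = ("md5", "sha1", "sha256", "sha512")


def compute_hashes(chunks) -> dict:
    """Compute all four digests in a single pass over an iterable of byte chunks."""
    hashers = {name: hashlib.new(name) for name in DIGESTS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_bytes(data: bytes) -> dict:
    """Digests of an in-memory byte string."""
    return compute_hashes([data])


def hash_file(path, chunk_size=1 << 20) -> dict:
    """Stream a file through compute_hashes so large samples are not read into memory at once."""
    def chunks():
        with open(path, "rb") as fh:
            while True:
                block = fh.read(chunk_size)
                if not block:
                    return
                yield block
    return compute_hashes(chunks())


def mismatched_digests(actual: dict, expected: dict) -> list:
    """Names of expected digests that differ (case-insensitive); [] means the bytes are the reported sample."""
    return [name for name, hexdigest in expected.items()
            if actual.get(name, "").lower() != hexdigest.lower()]


def verify_bytes(data: bytes, expected: dict = REPORTED) -> list:
    """Compare in-memory bytes against a digest record; returns the list of mismatches."""
    return mismatched_digests(hash_bytes(data), expected)


if __name__ == "__main__":
    import sys
    # With a path argument, check that file; otherwise run against the constructed placeholder.
    target = sys.argv[1] if len(sys.argv) > 1 else None
    actual = hash_file(target) if target else hash_bytes(CONSTRUCTED_SAMPLE)
    bad = mismatched_digests(actual, REPORTED)
    print("match" if not bad else "mismatch: " + ", ".join(bad))
```

Run it with the path of the downloaded file; an empty mismatch list means every digest agrees with the report. Because the placeholder is not the real sample, checking it against REPORTED reports all four digests as mismatched, which is exactly the failure you want to see before trusting a file's identity. Comparing every listed digest rather than only MD5 costs nothing and removes any doubt about a collision in the weaker algorithms.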

Malware Config

Targets

    • Target

      a67466509d1358dce4897a5ef548ac09e6ff68e034061cb43d05e5d26aaf1a11

    • Size

      230KB

    • MD5

      8c03e5de7dcf03cf433d3aad9834bb91

    • SHA1

      221ec9f7a94e64261d81a5ba3cf73989d934154b

    • SHA256

      a67466509d1358dce4897a5ef548ac09e6ff68e034061cb43d05e5d26aaf1a11

    • SHA512

      c9f8f5304b7102544dd8b74131af27c2a46bfec18bf15a96b3c8ccf2d0632ba356d5ba67550708da8505c5467582ce85fc8aa729a4435ed50389c455b0917ae2

    • SSDEEP

      6144:dqAxU7uHui6pWjwkOnbcYcftvAmuWPBxXdeI+xPT3g+jZ:JUhi6pWAbcY6BAr+bknrFN

    Score
    10/10
    • Modifies firewall policy service

    • Modifies security service

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic on the DNS port (53) to servers other than the configured DNS servers of the analysis machine was detected.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6

Tasks