ae42002642b66749e3c90d87ceefef90d9b779264098a382f9beca8fa3e51e1c | Triage

Submit
Reports

Overview

overview

Static

static

ae42002642...1c.exe

windows7-x64

ae42002642...1c.exe

windows10-2004-x64

7

Sharing

General

Target

ae42002642b66749e3c90d87ceefef90d9b779264098a382f9beca8fa3e51e1c
Size

193KB
Sample

221205-gazy9sae34
MD5

f442030f5eddb3d904b1767ddd739f60
SHA1

721d14089ac54354fc8153f254ca73fdbf769bda
SHA256

ae42002642b66749e3c90d87ceefef90d9b779264098a382f9beca8fa3e51e1c
SHA512

1c800eef93c7cd4017b138a11e312e460f98bf63f818c84601138aac10c4ee50c74b4839383fd11fbae66f009e866c4af661097f247a315c1c758e203c36ffbf
SSDEEP

6144:go3QGUO4lALlcurLcjJP4bnmblo7ZV28RyXZOYUovVJ:vQXlAxcu0J/blot98ZOJc

Score

10^/10

evasion

Static task

static1

Behavioral task

behavioral1

Sample

ae42002642b66749e3c90d87ceefef90d9b779264098a382f9beca8fa3e51e1c.exe

Resource

win7-20220901-en

windows7-x64

14 signatures

150 seconds

Behavioral task

behavioral2

Sample

ae42002642b66749e3c90d87ceefef90d9b779264098a382f9beca8fa3e51e1c.exe

Resource

win10v2004-20221111-en

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  ae42002642b66749e3c90d87ceefef90d9b779264098a382f9beca8fa3e51e1c
- Size
  
  193KB
- MD5
  
  f442030f5eddb3d904b1767ddd739f60
- SHA1
  
  721d14089ac54354fc8153f254ca73fdbf769bda
- SHA256
  
  ae42002642b66749e3c90d87ceefef90d9b779264098a382f9beca8fa3e51e1c
- SHA512
  
  1c800eef93c7cd4017b138a11e312e460f98bf63f818c84601138aac10c4ee50c74b4839383fd11fbae66f009e866c4af661097f247a315c1c758e203c36ffbf
- SSDEEP
  
  6144:go3QGUO4lALlcurLcjJP4bnmblo7ZV28RyXZOYUovVJ:vQXlAxcu0J/blot98ZOJc
Score

10^/10

evasion
- Modifies firewall policy service
  evasion
- Modifies security service
  evasion
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy