9e811079d1d63f46c9296c3e8edbee380b407071b98532ed2d3c3c208606a92b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9e811079d1d63f46c9296c3e8edbee380b407071b98532ed2d3c3c208606a92b
Size

92KB
Sample

221205-m1k6pace44
MD5

06b8ac2e0629e9af0be6994a5ebc0baa
SHA1

993ccfd6d6711b777d8813a29df0698b0243efcd
SHA256

9e811079d1d63f46c9296c3e8edbee380b407071b98532ed2d3c3c208606a92b
SHA512

23853452670d84e73f5e25f9824312ac59a671e78c6fab9e9feadd78d5b403744090c05aa37abc67e60d661e2065c3e1f9087cde4a27cf16365332b341193e66
SSDEEP

1536:jM0gNI+RqihfQxtQg1nhFc9pJpk+tCwmg+Q6buWkJ2/tnJs1v8pEekNEkpYA0g:jMbI+RFQxjJGJpTP65vFLGjNE5o

Score

8^/10

Malware Config

Targets

- Target
  
  9e811079d1d63f46c9296c3e8edbee380b407071b98532ed2d3c3c208606a92b
- Size
  
  92KB
- MD5
  
  06b8ac2e0629e9af0be6994a5ebc0baa
- SHA1
  
  993ccfd6d6711b777d8813a29df0698b0243efcd
- SHA256
  
  9e811079d1d63f46c9296c3e8edbee380b407071b98532ed2d3c3c208606a92b
- SHA512
  
  23853452670d84e73f5e25f9824312ac59a671e78c6fab9e9feadd78d5b403744090c05aa37abc67e60d661e2065c3e1f9087cde4a27cf16365332b341193e66
- SSDEEP
  
  1536:jM0gNI+RqihfQxtQg1nhFc9pJpk+tCwmg+Q6buWkJ2/tnJs1v8pEekNEkpYA0g:jMbI+RFQxjJGJpTP65vFLGjNE5o
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2