9b1b8bc18de3e0d983a3a718c02aac75bc3b7ecea21d178b67db1a73b44fe889 | Triage

Sharing

General

Target

9b1b8bc18de3e0d983a3a718c02aac75bc3b7ecea21d178b67db1a73b44fe889
Size

361KB
Sample

221205-yx7fascc22
MD5

6b4a1969c968430be8c30044dde3a303
SHA1

75771b1274499cce5b8ac156e64bef576dd8e846
SHA256

9b1b8bc18de3e0d983a3a718c02aac75bc3b7ecea21d178b67db1a73b44fe889
SHA512

1861596936cae3039075ac58f6cbe557bd7dc022b6903116a5e93db948965e6ba7f0d85b698ce2f5936f20f404ab82e0fe3e339661c8eed9cd1cb82f2b0b6c0c
SSDEEP

6144:YflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:YflfAsiVGjSGecvX

Score

8^/10

Malware Config

Targets

- Target
  
  9b1b8bc18de3e0d983a3a718c02aac75bc3b7ecea21d178b67db1a73b44fe889
- Size
  
  361KB
- MD5
  
  6b4a1969c968430be8c30044dde3a303
- SHA1
  
  75771b1274499cce5b8ac156e64bef576dd8e846
- SHA256
  
  9b1b8bc18de3e0d983a3a718c02aac75bc3b7ecea21d178b67db1a73b44fe889
- SHA512
  
  1861596936cae3039075ac58f6cbe557bd7dc022b6903116a5e93db948965e6ba7f0d85b698ce2f5936f20f404ab82e0fe3e339661c8eed9cd1cb82f2b0b6c0c
- SSDEEP
  
  6144:YflfAsiL4lIJjiJcbI03GBc3ucY5DCSjX:YflfAsiVGjSGecvX
Score

8^/10
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2