General

  • Target

    a063618123b00a4e19e8d0be6ddc645c8827d5bbdc4aa8e45eb7939107a5fe20

  • Size

    216KB

  • Sample

    221206-2w8hraeg3z

  • MD5

    1fea20eff32964b1837d1df53c14c270

  • SHA1

    c691e89a87a12c64982346ebb14bb5459469c81a

  • SHA256

    a063618123b00a4e19e8d0be6ddc645c8827d5bbdc4aa8e45eb7939107a5fe20

  • SHA512

    c0c7bd940857db98cf8d0d0e8d364f3c205c4366ed307742d4fcf90ecffe19ca58670773131ffc0fee6bff70265092b4761dcc55471c3357b8da8f98e4a22cbc

  • SSDEEP

    3072:gYCuYzdXDA/0NEAMGKw2emntJiQPUEA3nn5ylkm6jUTFBl6bDnQJbMF659FE4C:KzM21RmXBUEA3nn5QngHoy6S4C

Score
8/10

Malware Config

Targets

    • Target

      a063618123b00a4e19e8d0be6ddc645c8827d5bbdc4aa8e45eb7939107a5fe20

    • Executes dropped EXE

    • Deletes itself

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks