General

  • Target

    d1ba2091c52a840e80a8563a3870cc2b1bad41c9d205e19d4e845ee4f774db80

  • Size

    64KB

  • Sample

    221206-qlt2tsef9v

  • MD5

    656c54728398b591a5cfac76d206e097

  • SHA1

    13fb21e405360dba19a264b482276676bc51f49f

  • SHA256

    d1ba2091c52a840e80a8563a3870cc2b1bad41c9d205e19d4e845ee4f774db80

  • SHA512

    255c5417327c7e05ac7638323556bfa8763a660adad8120f6d43944154d100d1b7bd81e34c8fdc26c25b4ab8188023298f88238539acb6096406178cabcb0587

  • SSDEEP

    768:bBwa3wLSqZkETG/j53wbU4oF4/EOi97emHGqn5DLDdQOn2skZI:r3wLSeK/FqU4/PHmHGq5DndQ0272

Score
8/10

Malware Config

Targets

    Score
    8/10

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v6