General

  • Target

    ba53816fe4305a9c1297a4ff4efed314e36d24a9d35ed2660c920c07a13cb2f7

  • Size

    1.4MB

  • Sample

    230806-xac3habg93

  • MD5

    9dd3dbef80d5e85eca28e39d44671e28

  • SHA1

    129f862bd5795bbe5195cddc902e8324944d3384

  • SHA256

    ba53816fe4305a9c1297a4ff4efed314e36d24a9d35ed2660c920c07a13cb2f7

  • SHA512

    faafa8eb9007e162c6496b32c80ff51c289c66ad11a72a6679a3f3fb57dc534dfafa99a7fa0ece5c33fa9e9b49e4ba5ec4196b7cc6060c15d1eb249976281741

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score
8/10

Malware Config

Targets

    • Target

      ba53816fe4305a9c1297a4ff4efed314e36d24a9d35ed2660c920c07a13cb2f7

    • Size

      1.4MB

    • MD5

      9dd3dbef80d5e85eca28e39d44671e28

    • SHA1

      129f862bd5795bbe5195cddc902e8324944d3384

    • SHA256

      ba53816fe4305a9c1297a4ff4efed314e36d24a9d35ed2660c920c07a13cb2f7

    • SHA512

      faafa8eb9007e162c6496b32c80ff51c289c66ad11a72a6679a3f3fb57dc534dfafa99a7fa0ece5c33fa9e9b49e4ba5ec4196b7cc6060c15d1eb249976281741

    • SSDEEP

      24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

    Score
    8/10
    • Modifies Windows Firewall

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

MITRE ATT&CK Enterprise v15

Tasks