4ddf0408c22849ed80649a20379672c97073c1f99a35d1b81979cfb389f36b3d | Triage

Submit
Reports

Overview

overview

7

Static

static

3

43ded00f16...62.exe

windows7-x64

7

43ded00f16...62.exe

windows10-2004-x64

7

Sharing

General

Target

43ded00f1699a0f58cc51441e55f3cf6f85ae23fa467af8d4307e8f77ec12862
Size

7.6MB
Sample

231212-ls6a8acdb7
MD5

66d7bc406316723bcd565be4d54a3675
SHA1

eec16869700a0a9ef5ae67c744ba581041c6566b
SHA256

4ddf0408c22849ed80649a20379672c97073c1f99a35d1b81979cfb389f36b3d
SHA512

69a45d14adeb0ae0e74666b1c1b7bc072032bd71b9a4dbc373180e0bbfe836e26e359c6bb1b167336638c7ab5da1160b4fe4d9724ea2c1d5b0a7e2ce81173f7c
SSDEEP

196608:CRFP4ENi9MpYrHXOcC1YSc7r5vhkOidtvHKrfX:qFP4ENqxr+x1YNZeOrfX

Score

7^/10

discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

43ded00f1699a0f58cc51441e55f3cf6f85ae23fa467af8d4307e8f77ec12862.exe

Resource

win7-20231023-en

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

43ded00f1699a0f58cc51441e55f3cf6f85ae23fa467af8d4307e8f77ec12862.exe

Resource

win10v2004-20231127-en

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Targets

- Target
  
  43ded00f1699a0f58cc51441e55f3cf6f85ae23fa467af8d4307e8f77ec12862
- Size
  
  7.6MB
- MD5
  
  6c061d09cd6a28ed724505759d9e999b
- SHA1
  
  9986eea1dbe4dc9c852208dacd0692189dfe0910
- SHA256
  
  43ded00f1699a0f58cc51441e55f3cf6f85ae23fa467af8d4307e8f77ec12862
- SHA512
  
  5c7c57a3196a18f046515cbe74642a86284cbdaad5ea8ac59a3849db69e92a0511ccbed89b487c555e95d23b74fc59755e476d2b960bcad1e97a94de9031cb6b
- SSDEEP
  
  196608:0nnY8NWvGpWTTlm0OxwW+nFnfZsMUdFt30Dzj:0nnY8NELTIrxwlxQWDzj
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy