General

  • Target

    1aca78bbb0a0856f6589a64345c6ea79

  • Size

    338KB

  • Sample

    231224-3vhrdagfe2

  • MD5

    1aca78bbb0a0856f6589a64345c6ea79

  • SHA1

    3595326341315555c698a6540d21242d3bcb484c

  • SHA256

    e45468152c3a376218ec8b0cb2cc9f8efece58f225ea4528a8bc9ab0f74ce491

  • SHA512

    8ba1a1ce4c0e9d521755148a94677b3f5d6c626e286b00438f59beed8b2bee3ea79f6c902e0d4c377536fd91eb0272f6911e60fcab88425d1499ee17d8f0f8d1

  • SSDEEP

    6144:e1UArSOWtFErjdupyg3ocvYXSinF7Fg++u+IDz7hAR8H5cTUF4s:e1CEr+v+SinFpgQ+Eu6NH

Score
7/10

Targets

    • Target

      Grandparents Sex Movie 712MB.exe

    • Size

      206KB

    • MD5

      64f00527415111117e867168f5064c6c

    • SHA1

      40214eabd78090596157c33c815bbdff602efa99

    • SHA256

      c4f6b22cbe3bbc908765923e6c203115b3d983ab44dc144afec28c7ebfe04381

    • SHA512

      5c86c15c7fe01852711b7d9ea6ab4b832705c56dd4457626a75da34a352c957a322cd825ef9b3c0f8a05d7d9a50d859200296c54e81c20163b27d104b73a20fc

    • SSDEEP

      6144:SIqZDMi/rKOzwfZSaH9EWs4tKEhR1dU22:SIuuOkfZSaH2WPjR1dk

    Score
    7/10
    • Deletes itself

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext
