General

  • Target

    4fa6c1c17e7c1296d9eef7676b948c46

  • Size

    75KB

  • Sample

    231226-dtzaaseccm

  • MD5

    4fa6c1c17e7c1296d9eef7676b948c46

  • SHA1

    27bdc174fa02ff18f4d5bafd622d46fdb9bd1b3f

  • SHA256

    02d1aed87366355321948056b3b3ebeb32b12d4db7423bae8b31d174d72d4da8

  • SHA512

    e5fa924db2facf47cd8ea14878c51be73dd81311d67aea05c3c5106817763e50d3d60667987ab76f98f6a0c2378c443fc99a4e526e093e81693548b282604d81

  • SSDEEP

    1536:RGjac6lUu4sjBS28Ck89bcRobapREOm9FbOBWVe/bEw3BWF17xwhHKnLB8NhZg/3:RG+baBL30F11whqnNz/OB/q

Score
8/10

Malware Config

Targets

    • Target

      4fa6c1c17e7c1296d9eef7676b948c46

    • Modifies Windows Firewall

    • Deletes itself

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Traffic on the DNS port (UDP/TCP 53) was sent to a server other than the resolvers configured on the analysis machine. This often indicates DNS tunnelling or a hard-coded attacker-controlled resolver rather than ordinary name resolution.

    • Drops file in System32 directory
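The four behavioural signatures above are the kind of rule a sandbox evaluates over a process/file/network event stream. The following is an added example, not the sandbox's own signature code and not derived from this sample: it re-implements "Drops file in System32 directory", "Executes dropped EXE", "Unexpected DNS network traffic destination" and "Deletes itself" over a constructed Sysmon-style event list. The event records, file paths, PIDs, IP addresses and the configured-resolver address are all made up for illustration.

```python
"""Replay sandbox-style behavioural signatures over Sysmon-like events.

Added example. Event IDs follow Sysmon conventions (1 ProcessCreate,
3 NetworkConnect, 11 FileCreate, 23 FileDelete); every record below is
constructed, and all paths/addresses are hypothetical.
"""
from collections import defaultdict

# Assumption: the analysis VM's only legitimate resolver (hypothetical).
CONFIGURED_DNS = {"10.0.0.2"}
SYSTEM32 = "c:\\windows\\system32\\"
DNS_PORT = 53

# Constructed, chronologically ordered events. The first ProcessCreate
# is treated as the submitted sample; later processes are tracked only
# if their parent is already part of the sample's process tree.
EVENTS = [
    {"id": 1, "pid": 100, "parent": 50,
     "image": "C:\\Users\\user\\sample.exe"},
    {"id": 11, "pid": 100,
     "target": "C:\\Windows\\System32\\dropped.exe"},
    {"id": 1, "pid": 101, "parent": 100,
     "image": "C:\\Windows\\System32\\dropped.exe"},
    {"id": 3, "pid": 101, "dst_ip": "10.0.0.2", "dst_port": 53},
    {"id": 3, "pid": 101, "dst_ip": "203.0.113.7", "dst_port": 53},
    {"id": 3, "pid": 101, "dst_ip": "203.0.113.7", "dst_port": 443},
    {"id": 23, "pid": 101, "target": "C:\\Users\\user\\sample.exe"},
]


def analyse(events, configured_dns=CONFIGURED_DNS):
    """Return {signature_name: [evidence, ...]} for the sample's process tree.

    Only events attributable to the sample (its PID or a descendant) are
    considered, so benign background traffic on the VM is ignored.
    """
    tracked_pids = set()      # sample plus descendants
    sample_images = set()     # lower-cased image paths in the tree
    dropped_files = set()     # lower-cased paths the tree has written
    hits = defaultdict(list)

    for ev in events:
        if ev["id"] == 1:
            is_root = not tracked_pids
            if is_root or ev["parent"] in tracked_pids:
                image = ev["image"].lower()
                tracked_pids.add(ev["pid"])
                sample_images.add(image)
                # A process whose image the tree itself wrote earlier.
                if image in dropped_files:
                    hits["Executes dropped EXE"].append(ev["image"])
            continue

        if ev["pid"] not in tracked_pids:
            continue  # not part of the sample's tree

        if ev["id"] == 11:
            target = ev["target"].lower()
            dropped_files.add(target)
            if target.startswith(SYSTEM32):
                hits["Drops file in System32 directory"].append(ev["target"])
        elif ev["id"] == 3:
            # Port-53 traffic to anything but the configured resolvers.
            if ev["dst_port"] == DNS_PORT and ev["dst_ip"] not in configured_dns:
                hits["Unexpected DNS network traffic destination"].append(ev["dst_ip"])
        elif ev["id"] == 23:
            # Deleting an image that belongs to the sample's own tree.
            if ev["target"].lower() in sample_images:
                hits["Deletes itself"].append(ev["target"])

    return dict(hits)


if __name__ == "__main__":
    for name, evidence in analyse(EVENTS).items():
        print(f"{name}: {evidence}")
```

Each rule is deliberately scoped to the sample's process tree: a sandbox that flagged every port-53 packet on the VM would fire on the guest's own resolver lookups. Note that "Deletes itself" here matches a descendant deleting the original image, which is how self-deletion usually appears in practice (the first process cannot unlink its own running executable on Windows).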

MITRE ATT&CK Enterprise v15

Tasks