General

  • Target

    76a52e0f78bae48b993dc88bf482c7e3

  • Size

    174KB

  • Sample

    231226-r5k4psggbj

  • MD5

    76a52e0f78bae48b993dc88bf482c7e3

  • SHA1

    85a42787e8b3eb538737abbe672f7a91b00097d9

  • SHA256

    8f03db3ed48b5c5d6841f69cd8128380b12b65c1d718430e7cd5761589aa4885

  • SHA512

    df44cff99ece46a6c908823aa329d3835027d3bb4b64034eebe9453a8ddda4b86b8f2aa270a3dab33fc169d532b0ee853d4f613f10dc9c99e1008d6f01a0cd54

  • SSDEEP

    3072:50MT/8vPJvm/or+pzA7FF5iVDrvGai3OUanp5oYOArPfOKQDpl0XxThtONuCfmW:msqdKVUf50rv8Ha3oYOArW7Dr0X5IuCl

Score
7/10

Malware Config

Targets

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • Registers COM server for autorun

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Drops desktop.ini file(s)

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks