General

  • Target

    372344287ab22991e06f22ef21c904cd

  • Size

    98KB

  • Sample

    231231-p95ykahaa4

  • MD5

    372344287ab22991e06f22ef21c904cd

  • SHA1

    a6732adce0ab18e773438fc2446afd290de2422c

  • SHA256

    9fe7ca060c8ffea9ec9b2a092853adaa26d2b6d7388e0677546fae9696243d2b

  • SHA512

    ff5831513835e382fb19b94613c57ed829e4be9124c5212ac2c3d05e5d5c41127ffa02b9f8e407df8b45d9ceaa79497ac876b3ea6c9c9cbe3cbc59ba6bc20133

  • SSDEEP

    3072:46V87r/x8BZ/rWLfSo15FteivzoAkQpyTphpno:46er/c6eo1HteMoS4fpno

Score
7/10

Malware Config

Targets

    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to servers other than the configured DNS servers was detected on the DNS port.

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks