General

  • Target

    SecuriteInfo.com.Trojan-Dropper.Win32.Agent.14846.12417.exe

  • Size

    4.6MB

  • Sample

    231231-qmskdsdbe4

  • MD5

    1311aa7895f46a039af8f407c088a205

  • SHA1

    1ee79376985fb2bb6eeb056499fc507b947a101c

  • SHA256

    fd9f84df12e525770db0b9b0a0c9d0e9346ad9baee91be658122acd4704a8e85

  • SHA512

    34593a9ca2892c0a58c4a41a533166278353c81fee85e3041e102365c57dcf67145279dd5ff7ef8ccc2aea2643ce57e4c4d362e8bb5626ea0bf50cfcd30d9199

  • SSDEEP

    98304:QuLx9+RszZVHb+KS+hKjrW/8LeUCATH/P51Nv0FmboaaYmys4dm8:Dl3He+hCro8flH51j5ts4dD

Score
7/10

Targets

    Score
    7/10
    • Executes dropped EXE

    • Loads dropped DLL

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.
