c401d1f8b1d3c6cb59a37c1c7974168f754fc3b922ac6bf8f83374b4609e1908 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

4ec76b9e74...12.exe

windows7-x64

7

4ec76b9e74...12.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

4ec76b9e741586ba14413b3a5756ca12
Size

221KB
Sample

240109-tsn1yadhfq
MD5

4ec76b9e741586ba14413b3a5756ca12
SHA1

1fc5d6c3c66839d29ecf17551acecfe8e0a94c17
SHA256

c401d1f8b1d3c6cb59a37c1c7974168f754fc3b922ac6bf8f83374b4609e1908
SHA512

4a466548d57e6c0300665f739c50b7b135d0e1329cc35181d86a338e00213dc00071fc599818f3b70d881d7e2c2bf07ea0c305e4a57e43813ce8cf477216fd45
SSDEEP

3072:pxj19yYREveOn198rGuHnpyuUDsLrEJQQKzaisXRHvXBghdtq9iwA80Jpl/LxKL:frG2rxHns5wrGisRmhdtqcHlDQ

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

4ec76b9e741586ba14413b3a5756ca12.exe

Resource

win7-20231215-en

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

4ec76b9e741586ba14413b3a5756ca12.exe

Resource

win10v2004-20231215-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  4ec76b9e741586ba14413b3a5756ca12
- Size
  
  221KB
- MD5
  
  4ec76b9e741586ba14413b3a5756ca12
- SHA1
  
  1fc5d6c3c66839d29ecf17551acecfe8e0a94c17
- SHA256
  
  c401d1f8b1d3c6cb59a37c1c7974168f754fc3b922ac6bf8f83374b4609e1908
- SHA512
  
  4a466548d57e6c0300665f739c50b7b135d0e1329cc35181d86a338e00213dc00071fc599818f3b70d881d7e2c2bf07ea0c305e4a57e43813ce8cf477216fd45
- SSDEEP
  
  3072:pxj19yYREveOn198rGuHnpyuUDsLrEJQQKzaisXRHvXBghdtq9iwA80Jpl/LxKL:frG2rxHns5wrGisRmhdtqcHlDQ
Score

7^/10
- Deletes itself
- Executes dropped EXE
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy