Overview

overview

8

Static

static

3

d6a21061ab...27.exe

windows7-x64

8

d6a21061ab...27.exe

windows10-2004-x64

8

$TEMP/_xAETVucPo.dll

windows7-x64

7

$TEMP/_xAETVucPo.dll

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

General

  • Target

    d6a21061abb39b9dd7ae9dbd9304f327

  • Size

    109KB

  • Sample

    240319-vd3ffsgh88

  • MD5

    d6a21061abb39b9dd7ae9dbd9304f327

  • SHA1

    b3b30ab31820f664c635b98d07519a69b93edc9e

  • SHA256

    ecb5a2af9de32ff9cfc4fbbaccc859db1114c963a9c5037e9a676cc791673d0d

  • SHA512

    aff9f0cc901e1686ebe537bd83204f1f6b0150b3842e263ae55ad72f0403632d776db4af7a8819e16d5f9d772ac19ab22d3f86ecc7770744d43f766b46e9f354

  • SSDEEP

    3072:IgXdZt9P6D3XJbCaNtxjl+RrqoOEPJs+/FyhzGl:Ie344kxkolTBGl

Score
8/10

Malware Config

Targets

    • Target

      d6a21061abb39b9dd7ae9dbd9304f327

    • Size

      109KB

    • MD5

      d6a21061abb39b9dd7ae9dbd9304f327

    • SHA1

      b3b30ab31820f664c635b98d07519a69b93edc9e

    • SHA256

      ecb5a2af9de32ff9cfc4fbbaccc859db1114c963a9c5037e9a676cc791673d0d

    • SHA512

      aff9f0cc901e1686ebe537bd83204f1f6b0150b3842e263ae55ad72f0403632d776db4af7a8819e16d5f9d772ac19ab22d3f86ecc7770744d43f766b46e9f354

    • SSDEEP

      3072:IgXdZt9P6D3XJbCaNtxjl+RrqoOEPJs+/FyhzGl:Ie344kxkolTBGl

    Score
    8/10

    • Blocklisted process makes network request

    • Loads dropped DLL

    behavioral1behavioral2

    • Target

      $TEMP/_xAETVucPo.dll

    • Size

      115KB

    • MD5

      9416e1db87177f450544da2a689d306c

    • SHA1

      64566fc8bd825cedd0a6ea02fa946b31b43ac591

    • SHA256

      65630ebeca5f5b7277ef4f6297766e758552e44eacf4f147945543aa9eb89124

    • SHA512

      a9d255c166c0b869a98629163b02ab5f506a6fff1370150186a50ba5ad6c88c56bb4eebf8ab716c7edb9066067acc59e710513b098acb1dd514b21500235f16a

    • SSDEEP

      3072:ZvzTzoDHyOXy1Ds3RfV+op91FF7B76VS/k0WunY8Pv:ZvzZWyoV+op91FF56VSzYc

    Score
    7/10

    • Deletes itself

    behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks