Overview

overview

7

Static

static

3

39d11a7c0c...f3.exe

windows7-x64

7

39d11a7c0c...f3.exe

windows10-1703-x64

7

39d11a7c0c...f3.exe

windows10-2004-x64

7

39d11a7c0c...f3.exe

windows11-21h2-x64

7

Resubmissions

11/04/2024, 07:38

240411-jgeysahh8y 7

11/04/2024, 07:37

240411-jfzlsshh7z 10

11/04/2024, 07:37

240411-jfyz9shh7y 10

11/04/2024, 07:36

240411-jfqnwseg78 7

11/04/2024, 07:36

240411-jfp3cshh7t 7

07/04/2024, 09:41

240407-ln9g3sad85 7

07/04/2024, 09:41

240407-ln4a3aad82 7

07/04/2024, 09:41

240407-lnxhhsad77 7

07/04/2024, 09:41

240407-lnq1qsad73 7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    39d11a7c0c4286ab2fa318d37cb3c3f3.exe

  • Size

    1.9MB

  • Sample

    240407-lnxhhsad77

  • MD5

    39d11a7c0c4286ab2fa318d37cb3c3f3

  • SHA1

    c18444d8d82b628100ac6d7b33c873884be99897

  • SHA256

    48ee5e003fdd3d8c6b50ffb7931e5562ef3d04b7b411d8cf89118655da5c0e03

  • SHA512

    3b24266cfda84af111551bb35111b1816739ffb971ee9ed26f20d3463abb7e7cc7f301bd29b0fed9f68b40a2e43e8b8fbb3c3776f3ea78eb875e0327f52d5a10

  • SSDEEP

    49152:CeZz2gwNjPDGrcflSdRwwlM2oTPHUcmdfgL:hQg0iyqwwlJyLmB

Score
7/10
persistenceupx

Malware Config

Targets

    • Target

      39d11a7c0c4286ab2fa318d37cb3c3f3.exe

    • Size

      1.9MB

    • MD5

      39d11a7c0c4286ab2fa318d37cb3c3f3

    • SHA1

      c18444d8d82b628100ac6d7b33c873884be99897

    • SHA256

      48ee5e003fdd3d8c6b50ffb7931e5562ef3d04b7b411d8cf89118655da5c0e03

    • SHA512

      3b24266cfda84af111551bb35111b1816739ffb971ee9ed26f20d3463abb7e7cc7f301bd29b0fed9f68b40a2e43e8b8fbb3c3776f3ea78eb875e0327f52d5a10

    • SSDEEP

      49152:CeZz2gwNjPDGrcflSdRwwlM2oTPHUcmdfgL:hQg0iyqwwlJyLmB

    Score
    7/10
    persistenceupx

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1behavioral2behavioral3behavioral4

MITRE ATT&CK Enterprise v15

Tasks