ad88fe681594311db0f4d8b10a9f7cbe7fdfb7d8e6d1c52e84e1de43db30d179 | Triage

Resubmissions

11-06-2024 23:46

240611-3sksyswdma 7

Sharing

General

Target

UDP Flashflood v1.0.zip
Size

11KB
Sample

240611-3sksyswdma
MD5

53b973b725f00d5e8d87715c971face9
SHA1

3b49299b1145f6a79d8fa5bf592194e851b415e8
SHA256

ad88fe681594311db0f4d8b10a9f7cbe7fdfb7d8e6d1c52e84e1de43db30d179
SHA512

932ee52d188727771ac5cdb0bf20cbd59ca82f65b4382f431dc252bd968eb576c9a21a8edb7b21fab3788b7fb1340ed9260ae537896991877a28e6a2a05f7d29
SSDEEP

192:9rlfpGGy/BALK8KuZBHk3/GRT+8JfuVxR+e2TKwnpILjtlgxXSnyinR5Pz:NY/qKuZBHkGRT+LVxwe+KwnantlLnym

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  UDP Flashflood v1.0/UDP Flashflood v1.0 by BrutuS.exe
- Size
  
  48KB
- MD5
  
  5e2bed0f69ceef0fbd181db6de19968a
- SHA1
  
  fd9b1c2b9df237cb8f81ff74a4de9dbd83b25690
- SHA256
  
  cf272129a609777249355a1a1bef6d0748f0d096f01ce753fca83c0087062199
- SHA512
  
  ead9984e551897877838256b521486bc54990526b00451f05ed887453c4f0ce471f4fffde58bce8e36c545c121b8221df08e5dcf7378f2443f47f631fbf514f6
- SSDEEP
  
  384:IHZ8f14uBhVwLpxtaZSJCI/Qu5GbcelVCkOe:Iaf2uB7ZS4WqceDCX
Score

7^/10

discovery
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1