General

  • Target

    86326c92a6849682d4d44f907afbd637919d326649bbdd8220a9c0a9b79341d8

  • Size

    5.4MB

  • Sample

    240612-hfhslstalc

  • MD5

    939cbf795e189138fd0800b845833746

  • SHA1

    c061f1e77feec67b301a9bccdac83caf7bc95168

  • SHA256

    86326c92a6849682d4d44f907afbd637919d326649bbdd8220a9c0a9b79341d8

  • SHA512

    30e414e44e8df131f4f1c8b9705bd640e60eebd6429bbfe8edea3372af55dbfe39626debbbc2d600544a4928ce441412b2f9857a3cc7963a103d0bbb7b2493c1

  • SSDEEP

    98304:NcY53mNsbTMihhi95dnrfHs+LeQ7oGJh543kSuHh6H1:NVW2TlQvdrPLXoY43LuHg

Score
8/10

Targets

    Score
    8/10
    • Blocklisted process makes network request

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Suspicious use of NtSetInformationThreadHideFromDebugger
