b02d54d3bdc31e0de0c404fa75343605e2137789e93afb46e4fdca894b082fab | Triage

Resubmissions

04/09/2024, 18:34

240904-w7666svbrr 7

04/09/2024, 18:30

240904-w5wbwsvbqk 7

Sharing

General

Target

3052235.bin
Size

66KB
Sample

240904-w7666svbrr
MD5

020443b27faf670962f9eae40cb71536
SHA1

84447338b52eb513db0e2bfc5106970695d55af1
SHA256

b02d54d3bdc31e0de0c404fa75343605e2137789e93afb46e4fdca894b082fab
SHA512

0d52da9b87b2528a6106e558ea7bada901f5e014e500a54cfa587841747c7fea59bf185b35065b4d104388e4fb82468a313742bae666f0c154bc9c2fa72e2ff3
SSDEEP

768:WIsZnlO2fEdZFfwL1hAJ8Z2s11LnJdMzi3cqM29uRBXFevImodVCvN9v1MPMu0t8:bsZkr5K1Cs2OE+jTgVO3odovvd2yrG

Score

7^/10

defense_evasion discovery

Malware Config

Targets

- Target
  
  3052235.bin
- Size
  
  66KB
- MD5
  
  020443b27faf670962f9eae40cb71536
- SHA1
  
  84447338b52eb513db0e2bfc5106970695d55af1
- SHA256
  
  b02d54d3bdc31e0de0c404fa75343605e2137789e93afb46e4fdca894b082fab
- SHA512
  
  0d52da9b87b2528a6106e558ea7bada901f5e014e500a54cfa587841747c7fea59bf185b35065b4d104388e4fb82468a313742bae666f0c154bc9c2fa72e2ff3
- SSDEEP
  
  768:WIsZnlO2fEdZFfwL1hAJ8Z2s11LnJdMzi3cqM29uRBXFevImodVCvN9v1MPMu0t8:bsZkr5K1Cs2OE+jTgVO3odovvd2yrG
Score

7^/10

defense_evasion discovery
- Deletes itself
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery