General

  • Target

    d7d6e8d2a8a990cf44e29244062ec6802e39c8b2c047f0367f23ae89415accf0.unknown

  • Size

    198B

  • Sample

    241114-dphfzsxlhp

  • MD5

    bf2374b8c6298e3b02141b50c16c3986

  • SHA1

    f45d99d3b235b13a932f8b5c06d53ca2f230c0b2

  • SHA256

    d7d6e8d2a8a990cf44e29244062ec6802e39c8b2c047f0367f23ae89415accf0

  • SHA512

    c7b2ffcab25f6d46b5db46cb5f99f1998a5b7e743ce860f22e52c30ec9ed6eef5e205ddff847905b0a8f7c53136956cadf84917182fba3d3007acc99b0a1340b

Targets

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

    • Deletes itself

    • Executes dropped EXE

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Reads process memory

      Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
