General
Target: 116d0c92d929775aca86bfc287a11b77094ba4538bd7db2c2b1dce1f40e6c6a8
Size: 157KB
Sample: 220604-e11x5sebgj
MD5: 40646f36fe5551b18f86e945a11d2f36
SHA1: f661b05894fe03cde6352fabb93127d660707a81
SHA256: 116d0c92d929775aca86bfc287a11b77094ba4538bd7db2c2b1dce1f40e6c6a8
SHA512: 5223bae9e85e245bea47964f43baaff6c9498a6306c2d2a5436e21da7eef8c00da5ae406c6379bf897083b963e6c2eef84afe66b2edde2cd2d7f8f3e9206bd93
Static task: static1
Behavioral task: behavioral1
  Sample: 116d0c92d929775aca86bfc287a11b77094ba4538bd7db2c2b1dce1f40e6c6a8.exe
  Resource: win7-20220414-en
Behavioral task: behavioral2
  Sample: 116d0c92d929775aca86bfc287a11b77094ba4538bd7db2c2b1dce1f40e6c6a8.exe
  Resource: win10v2004-20220414-en
Malware Config
Targets
Score: 10/10
suricata: ET MALWARE ZeroAccess Outbound udp traffic detected
suricata: ET MALWARE ZeroAccess udp traffic detected
Executes dropped EXE
Registers COM server for autorun
Deletes itself
Unexpected DNS network traffic destination: network traffic to servers other than the configured DNS servers was detected on the DNS port.
Suspicious use of SetThreadContext