General
-
Target
2528551adf2d1cf79b73e2f35c514d6ec2969f9af1c2d914ccce2ed87efa7441
-
Size
137KB
-
Sample
220611-yqkmysedbk
-
MD5
356e3491786ba260977987d91967dfca
-
SHA1
fd3d8ad881948a9a9a3e92fa6a77c1fc2bbd8e8c
-
SHA256
2528551adf2d1cf79b73e2f35c514d6ec2969f9af1c2d914ccce2ed87efa7441
-
SHA512
7514bdd9b412b7f86ee9aecd2b46ed3a69afbf52144d5a43d94d3b8c7c63d36e1aba38fa53ce6210a6a1fb88156f35a5573c162ec3d9ccf61c0c46fc60a0b95b
Malware Config
Targets
-
-
Target
2528551adf2d1cf79b73e2f35c514d6ec2969f9af1c2d914ccce2ed87efa7441
-
Size
137KB
-
MD5
356e3491786ba260977987d91967dfca
-
SHA1
fd3d8ad881948a9a9a3e92fa6a77c1fc2bbd8e8c
-
SHA256
2528551adf2d1cf79b73e2f35c514d6ec2969f9af1c2d914ccce2ed87efa7441
-
SHA512
7514bdd9b412b7f86ee9aecd2b46ed3a69afbf52144d5a43d94d3b8c7c63d36e1aba38fa53ce6210a6a1fb88156f35a5573c162ec3d9ccf61c0c46fc60a0b95b
Score10/10-
Modifies Windows Defender Real-time Protection settings
-
Windows security bypass
-
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
-
suricata: ET MALWARE Possible Zeus GameOver/FluBot Related DGA NXDOMAIN Responses
suricata: ET MALWARE Possible Zeus GameOver/FluBot Related DGA NXDOMAIN Responses
-
Executes dropped EXE
-
Loads dropped DLL
-
Windows security modification
-
Adds Run key to start application
-