General
-
Target
577c6c2c6fdf17a6ed04dff2e8da4c982332c955cda48bdae87c340e46626446
-
Size
1.0MB
-
Sample
220724-12qz8aadap
-
MD5
203bd1419cb3a6f70d6606a7e7a7a4a2
-
SHA1
46faa2aade421560da587f6e7ce91be481470c89
-
SHA256
577c6c2c6fdf17a6ed04dff2e8da4c982332c955cda48bdae87c340e46626446
-
SHA512
0af366b975037ae85d7472094158979f2d5268bc09da9c0f0de46c9ef3a1b87a3839d4b16fb38a099044e1d5a15fd3fe2efb449caeedc4ebaf23194a5a089101
Static task
static1
Behavioral task
behavioral1
Sample
577c6c2c6fdf17a6ed04dff2e8da4c982332c955cda48bdae87c340e46626446.exe
Resource
win7-20220718-en
Behavioral task
behavioral2
Sample
577c6c2c6fdf17a6ed04dff2e8da4c982332c955cda48bdae87c340e46626446.exe
Resource
win10v2004-20220721-en
Malware Config
Targets
-
-
Target
577c6c2c6fdf17a6ed04dff2e8da4c982332c955cda48bdae87c340e46626446
-
Size
1.0MB
-
MD5
203bd1419cb3a6f70d6606a7e7a7a4a2
-
SHA1
46faa2aade421560da587f6e7ce91be481470c89
-
SHA256
577c6c2c6fdf17a6ed04dff2e8da4c982332c955cda48bdae87c340e46626446
-
SHA512
0af366b975037ae85d7472094158979f2d5268bc09da9c0f0de46c9ef3a1b87a3839d4b16fb38a099044e1d5a15fd3fe2efb449caeedc4ebaf23194a5a089101
Score10/10-
Modifies firewall policy service
-
Modifies security service
-
suricata: ET MALWARE ZeroAccess Outbound udp traffic detected
suricata: ET MALWARE ZeroAccess Outbound udp traffic detected
-
suricata: ET MALWARE ZeroAccess udp traffic detected
suricata: ET MALWARE ZeroAccess udp traffic detected
-
Sets service image path in registry
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-