General
Target: 56568feac926caa70a8f82fb4be6ed1070fd87647ac6563948dfb636c9a25acb
Size: 172KB
Sample: 220725-el1ntseafn
MD5: 7c33132865e04e0a1233b67d3136f7ae
SHA1: 377b504e9e889a305dc21c890c4a7d0aa9598661
SHA256: 56568feac926caa70a8f82fb4be6ed1070fd87647ac6563948dfb636c9a25acb
SHA512: 8502a268ad8b9b0aec1869ff056e7ab8f86373e2bec57d13e697b8b87c58e78c338dcf951e00a287440da7090de5832d050f76b3c26cf633e20502464ea1779f

Static task: static1

Behavioral task: behavioral1
Sample: 56568feac926caa70a8f82fb4be6ed1070fd87647ac6563948dfb636c9a25acb.exe
Resource: win7-20220715-en

Behavioral task: behavioral2
Sample: 56568feac926caa70a8f82fb4be6ed1070fd87647ac6563948dfb636c9a25acb.exe
Resource: win10v2004-20220721-en

Malware Config
Targets
Target: 56568feac926caa70a8f82fb4be6ed1070fd87647ac6563948dfb636c9a25acb
Score: 10/10
suricata: ET MALWARE ZeroAccess Outbound udp traffic detected
suricata: ET MALWARE ZeroAccess udp traffic detected
Executes dropped EXE
Registers COM server for autorun
Deletes itself
Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Drops desktop.ini file(s)
Suspicious use of SetThreadContext