General
-
Target
c62c1dd1028a5ff9271ae17d183c11f6b6690af3138607f8e2312f88a4883938
-
Size
152KB
-
Sample
221003-qvznnshdg3
-
MD5
60de05b55c2eefd8de1ae9b6f8027821
-
SHA1
31955b80603ed95daa1913962c91ad22e361ad9e
-
SHA256
c62c1dd1028a5ff9271ae17d183c11f6b6690af3138607f8e2312f88a4883938
-
SHA512
e9efa4364a2678fadb2034c0bbf51e0217912ffed7c0133277602a7088a978a893537708b97de9af0ecccbffdbd14588334eb44afb1d11befc330dc1eee9b8b7
-
SSDEEP
3072:YbpsI7I3BYeTpOBhdIQgTtgax7z4JKo4h08WroaNEjgkK5lf0:YbpP9e9OjdIbtgPKj08bMks
Static task
static1
Behavioral task
behavioral1
Sample
c62c1dd1028a5ff9271ae17d183c11f6b6690af3138607f8e2312f88a4883938.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c62c1dd1028a5ff9271ae17d183c11f6b6690af3138607f8e2312f88a4883938.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
c62c1dd1028a5ff9271ae17d183c11f6b6690af3138607f8e2312f88a4883938
-
Score
10/10
-
Modifies firewall policy service
-
Modifies security service
-
Sets service image path in registry
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-