General
-
Target
0bb18fadcce9f3ece8327b3176d7bbc2c25a53b803f232294b179acc2298e82e
-
Size
125KB
-
Sample
221014-kya7lagea2
-
MD5
66183a4cc8ec80d0ea2c913993238aa6
-
SHA1
bbe30323bcad77c8224480236875b3827411e49c
-
SHA256
0bb18fadcce9f3ece8327b3176d7bbc2c25a53b803f232294b179acc2298e82e
-
SHA512
442feb39d0f11f82c97d23156f4c03ffd0e15237fec0c255f052e42ab3d952b2a094b2e8b82fb120dbcae99926d7a8bb21ac279d56dd56c00fec9ec61c78042a
-
SSDEEP
3072:tJFCrhwDyLZKvV8EzphosEMv9wKRJBjMv91NfT4:t8wvvGmosEu9wKRJiv91N
Malware Config
Targets
-
-
Target
0bb18fadcce9f3ece8327b3176d7bbc2c25a53b803f232294b179acc2298e82e
-
Size
125KB
-
MD5
66183a4cc8ec80d0ea2c913993238aa6
-
SHA1
bbe30323bcad77c8224480236875b3827411e49c
-
SHA256
0bb18fadcce9f3ece8327b3176d7bbc2c25a53b803f232294b179acc2298e82e
-
SHA512
442feb39d0f11f82c97d23156f4c03ffd0e15237fec0c255f052e42ab3d952b2a094b2e8b82fb120dbcae99926d7a8bb21ac279d56dd56c00fec9ec61c78042a
-
SSDEEP
3072:tJFCrhwDyLZKvV8EzphosEMv9wKRJBjMv91NfT4:t8wvvGmosEu9wKRJiv91N
Score10/10-
Modifies security service
-
Executes dropped EXE
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-