General
-
Target
e8091fffa7ff7488434ad481e1c2369ea35412848447c6c6d9977f21a3c17487
-
Size
187KB
-
Sample
221020-jry5eaced5
-
MD5
818001794a2a48047bf669da67b3bff0
-
SHA1
cebebee4a10094bc9c8bc1433ed0b50d2efa2547
-
SHA256
e8091fffa7ff7488434ad481e1c2369ea35412848447c6c6d9977f21a3c17487
-
SHA512
ac49d89e958073386fb5bc65b1177c8adc2d2edac192ce04625632ac26cfbce9c287eca6f8a11d595e348f0ca3088d74970dd4ab86cc37784f5deacbc136250b
-
SSDEEP
3072:5iHdHhZGleewKzz2iSuhsExnSDFh4GR7HU:s978eewm2uOExuFVd
Static task
static1
Behavioral task
behavioral1
Sample
e8091fffa7ff7488434ad481e1c2369ea35412848447c6c6d9977f21a3c17487.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
e8091fffa7ff7488434ad481e1c2369ea35412848447c6c6d9977f21a3c17487.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
e8091fffa7ff7488434ad481e1c2369ea35412848447c6c6d9977f21a3c17487
-
Score
10/10
-
Modifies security service
-
Executes dropped EXE
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-