General
-
Target
73f06bed13e22c2ab8b41bde5fc32b6d91680e87d0f57b3563c629ee3c479e73_unpacked
-
Size
368KB
-
Sample
221027-fabq1aaffj
-
MD5
379ba8e55498cb7a71ec4dcd371968af
-
SHA1
5f522dda6b003b151ff60b83fe326400b9ed7716
-
SHA256
3eb9bbe3ed251ec3fd1ff9dbcbe4dd1a2190294a84ee359d5e87804317bac895
-
SHA512
03faa3296eeeb5c100bfd80ebde8db37b352dd3fdfa73482a399fa4ce53c27abc915483f26e27371a2b45944f111ac286a8c273ca7c59dcac02e804e8fa920e3
-
SSDEEP
6144:MsDnP1qTkUyioNn35D2BRkcVDnDqqOkqXngsDnWSk8YlD7W3/:TzP1qNyio9pyBRk2zDnsDV6G3/
Static task
static1
Behavioral task
behavioral1
Sample
73f06bed13e22c2ab8b41bde5fc32b6d91680e87d0f57b3563c629ee3c479e73_unpacked.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
73f06bed13e22c2ab8b41bde5fc32b6d91680e87d0f57b3563c629ee3c479e73_unpacked.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
73f06bed13e22c2ab8b41bde5fc32b6d91680e87d0f57b3563c629ee3c479e73_unpacked
-
Score
10/10
-
Modifies visibility of file extensions in Explorer
-
Blocklisted process makes network request
-
Executes dropped EXE
-
Deletes itself
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-