General
Target: e382320d8c2019d27c53d2218eaf12c20fff7f92db1760d7bf13c12fa2c32802
Size: 134KB
Sample: 221028-3154vscfg9
MD5: 0c949933a2e9af9593314215e3d4b399
SHA1: 49d2ffb2113f7bf628b4feba26fdc95ce15e273d
SHA256: e382320d8c2019d27c53d2218eaf12c20fff7f92db1760d7bf13c12fa2c32802
SHA512: 35741e4ab98625634176aadb19b932c2c4a2235290765cad524c803dfaf5ee876978dadac5ffd540c3e4d7e6d1fc3adeae0663a8614a751e03c7e79971c0dceb
SSDEEP: 3072:Xyh7+Xeo46jZz076KWQyWCGLm8+ndws6:XGC9jN076KgWCG6LE
Static task: static1
Behavioral task: behavioral1
Sample: e382320d8c2019d27c53d2218eaf12c20fff7f92db1760d7bf13c12fa2c32802.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: e382320d8c2019d27c53d2218eaf12c20fff7f92db1760d7bf13c12fa2c32802.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: e382320d8c2019d27c53d2218eaf12c20fff7f92db1760d7bf13c12fa2c32802
Score: 8/10
Executes dropped EXE
Registers COM server for autorun
Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Suspicious use of SetThreadContext