General
-
Target
109ef9573c74a494d6f0895fca0846104674bfc681e3d8b7ab7c70a9571a60c2
-
Size
127KB
-
Sample
221029-21zfmsbedl
-
MD5
8441b6dfb8d8fc680af022724b7f0bb0
-
SHA1
b73f86c23a24769f83f5fae4afce3d555b4a7d6b
-
SHA256
109ef9573c74a494d6f0895fca0846104674bfc681e3d8b7ab7c70a9571a60c2
-
SHA512
0d93e7eeb63485a7ffef6fa0cfc0b5f4ac4699009b4d0bb49824ca5147844fdf525b1b1a434c1533670750c7e32afe946efe4f455d397bded60d99b4c4162e7c
-
SSDEEP
3072:/Zz/FlBHJtPzfDrcZWZuVeSdGke3ekBsoLi:B7RJlf8/AOGke3R2w
Malware Config
Targets
-
-
Target
109ef9573c74a494d6f0895fca0846104674bfc681e3d8b7ab7c70a9571a60c2
-
Size
127KB
-
MD5
8441b6dfb8d8fc680af022724b7f0bb0
-
SHA1
b73f86c23a24769f83f5fae4afce3d555b4a7d6b
-
SHA256
109ef9573c74a494d6f0895fca0846104674bfc681e3d8b7ab7c70a9571a60c2
-
SHA512
0d93e7eeb63485a7ffef6fa0cfc0b5f4ac4699009b4d0bb49824ca5147844fdf525b1b1a434c1533670750c7e32afe946efe4f455d397bded60d99b4c4162e7c
-
SSDEEP
3072:/Zz/FlBHJtPzfDrcZWZuVeSdGke3ekBsoLi:B7RJlf8/AOGke3R2w
Score10/10-
Modifies security service
-
Executes dropped EXE
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-