General
Target: de4865ba37f0e3a13018ad34a0be6298fc75606f6e292f0d62111efafa811842
Size: 125KB
Sample: 221030-n2ewqsaeej
MD5: 93e0190fb027672f386ddce1b0737503
SHA1: e2b3d325a2ed0f9224815141d00970510fc527ef
SHA256: de4865ba37f0e3a13018ad34a0be6298fc75606f6e292f0d62111efafa811842
SHA512: 84d1cad7e3df859d711ba5a54d9a3938417758ba14ab0bb9c45d419d7d876996cf2a10f992e460d4ec80355152c0019332b3cc7e34c6f6903833ad0139b3fa33
SSDEEP: 3072:HTh+VUnCPMTADCcjKZxzYrm8Xp5fs9YxIJF:HAoCP0ACBzYXp5E9YqJ

Static task: static1

Behavioral task: behavioral1
Sample: de4865ba37f0e3a13018ad34a0be6298fc75606f6e292f0d62111efafa811842.exe
Resource: win7-20220901-en

Behavioral task: behavioral2
Sample: de4865ba37f0e3a13018ad34a0be6298fc75606f6e292f0d62111efafa811842.exe
Resource: win10v2004-20220901-en

Malware Config
Targets
Target: de4865ba37f0e3a13018ad34a0be6298fc75606f6e292f0d62111efafa811842
Score: 10/10
Modifies security service
Executes dropped EXE
Registers COM server for autorun
Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Drops desktop.ini file(s)
Suspicious use of SetThreadContext