General
-
Target
39ee87f41cf6855c9861b656ee8b1286456a95e9658db7f0dd0a5ef41aa43522
-
Size
123KB
-
Sample
221030-qf9v4acad4
-
MD5
928c2e686d75ed022a041aa135284aeb
-
SHA1
72d3bad54c2107dc2742bb840f1bf38add86494a
-
SHA256
39ee87f41cf6855c9861b656ee8b1286456a95e9658db7f0dd0a5ef41aa43522
-
SHA512
ee7d99bd101a623f2b0e890fbfbe8a64b2fbce83aad53d218b1b2376528ddfbbc7596b9bbfa20ff850468e606cc314759c0d841aa25d9b6dd1d366ad6e686fe1
-
SSDEEP
3072:odhwqbx7SHQQVYe68CQrxlai7QdLcFEc66TGww57RRq3ofRkuXQG:shtbx7a1Vm8Va0Qd0Ec6j57b+uzX
Malware Config
Targets
-
-
Target
39ee87f41cf6855c9861b656ee8b1286456a95e9658db7f0dd0a5ef41aa43522
-
Size
123KB
-
MD5
928c2e686d75ed022a041aa135284aeb
-
SHA1
72d3bad54c2107dc2742bb840f1bf38add86494a
-
SHA256
39ee87f41cf6855c9861b656ee8b1286456a95e9658db7f0dd0a5ef41aa43522
-
SHA512
ee7d99bd101a623f2b0e890fbfbe8a64b2fbce83aad53d218b1b2376528ddfbbc7596b9bbfa20ff850468e606cc314759c0d841aa25d9b6dd1d366ad6e686fe1
-
SSDEEP
3072:odhwqbx7SHQQVYe68CQrxlai7QdLcFEc66TGww57RRq3ofRkuXQG:shtbx7a1Vm8Va0Qd0Ec6j57b+uzX
Score10/10-
Modifies security service
-
Executes dropped EXE
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-