General
-
Target
d893e63a6c2da23eb58856c2896b6b6973b9eda6d39d7f01a153251157ca46da
-
Size
138KB
-
Sample
221123-p7r9pagc6y
-
MD5
04ab1b47348a1543a0a40218afe64edb
-
SHA1
d20cad35dcc76e23bff462218adb6232325525f1
-
SHA256
d893e63a6c2da23eb58856c2896b6b6973b9eda6d39d7f01a153251157ca46da
-
SHA512
24f47765675be0bf5b2baea6363bff212c0dd5fc19f35392bd76d3eff6fe0d1147e773d8bf4c56d03b38c23652d75ea5a8246c10779d2d96d30a6b65063194a2
-
SSDEEP
3072:Bae7MEgpoqqQeRFEvm0RE1z/xWDbDY07Uj7Dph5+tBpzI:8ePEsRFOE1WM0AjBknI
Malware Config
Targets
-
-
Target
d893e63a6c2da23eb58856c2896b6b6973b9eda6d39d7f01a153251157ca46da
-
Size
138KB
-
MD5
04ab1b47348a1543a0a40218afe64edb
-
SHA1
d20cad35dcc76e23bff462218adb6232325525f1
-
SHA256
d893e63a6c2da23eb58856c2896b6b6973b9eda6d39d7f01a153251157ca46da
-
SHA512
24f47765675be0bf5b2baea6363bff212c0dd5fc19f35392bd76d3eff6fe0d1147e773d8bf4c56d03b38c23652d75ea5a8246c10779d2d96d30a6b65063194a2
-
SSDEEP
3072:Bae7MEgpoqqQeRFEvm0RE1z/xWDbDY07Uj7Dph5+tBpzI:8ePEsRFOE1WM0AjBknI
Score8/10-
Executes dropped EXE
-
Registers COM server for autorun
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-