General
Target: fa6f80a2025801716693f71334a2fed9c0821eaf42a9af8734b6e100840412a9
Size: 178KB
Sample: 221123-pvhvgscc59
MD5: 10a1d3076e341bc58eb877812af28831
SHA1: 4ac987f8d220168d089d86f3e47810f67fb4c889
SHA256: fa6f80a2025801716693f71334a2fed9c0821eaf42a9af8734b6e100840412a9
SHA512: 9f45ef560a8e3091d232032656810f31521ae7913fe5a437d80b3065e791decf5722c70a9283f19bb59acb3ad1508d2cdaf3535fcf85c564b85fb0f364e93579
SSDEEP: 3072:ovbnG14mgBkAV7y9rwOWqdIQhY4IC4ilDG0UQ2Vf8RjPrd:AGGkAc9tdIOYC4iFUQ2BAzrd
Static task: static1
Behavioral task: behavioral1
Sample: fa6f80a2025801716693f71334a2fed9c0821eaf42a9af8734b6e100840412a9.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: fa6f80a2025801716693f71334a2fed9c0821eaf42a9af8734b6e100840412a9.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: fa6f80a2025801716693f71334a2fed9c0821eaf42a9af8734b6e100840412a9
Score: 8/10
Registers COM server for autorun
Deletes itself
Unexpected DNS network traffic destination: Network traffic to servers other than the configured DNS servers was detected on the DNS port.
Suspicious use of SetThreadContext