General
-
Target
a3fd9eac179dfe5f96cd4466c9ff1c0914f30a660b08fd91065e0b0cd68a4de9
-
Size
170KB
-
Sample
221123-qrqxcshf8s
-
MD5
dda8981aee97a3408462bc92458aed39
-
SHA1
1efdfbde1119d532d6e7fb33b82c19d89b9486f4
-
SHA256
a3fd9eac179dfe5f96cd4466c9ff1c0914f30a660b08fd91065e0b0cd68a4de9
-
SHA512
bc6ffcf55424e3694822383885a3848ccf1cfbd83dfe747692fbdbdf5898988a1822be1f0edae01eefc3aece34392c41df21b202c2d1e4c763e64bd87055a2f3
-
SSDEEP
3072:2O+0vRk64ySxQytIlLGgl74TS+uoyNVfsh/yLtcsOFJFwAqUFIe9W3wZ219V3BGJ:XVvRuyIuRGg5Kuo6shvsOFJFwd4QwZEE
Static task
static1
Behavioral task
behavioral1
Sample
a3fd9eac179dfe5f96cd4466c9ff1c0914f30a660b08fd91065e0b0cd68a4de9.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
a3fd9eac179dfe5f96cd4466c9ff1c0914f30a660b08fd91065e0b0cd68a4de9.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
a3fd9eac179dfe5f96cd4466c9ff1c0914f30a660b08fd91065e0b0cd68a4de9
Score
10/10
-
Modifies firewall policy service
-
Modifies security service
-
Registers COM server for autorun
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-