General
-
Target
3a7c8d29de87cdb1b4f81540b71fc4835b509885bca4b232fe5e79c3a6cdae61
-
Size
174KB
-
Sample
221123-rxayrshf96
-
MD5
fdc96be128bf11763122a0a8dac1ccb4
-
SHA1
62fa22f85cd2a79525e66fba8460a544c9e28db9
-
SHA256
3a7c8d29de87cdb1b4f81540b71fc4835b509885bca4b232fe5e79c3a6cdae61
-
SHA512
55bf1a509b03fc0eb16232c93ddaf6b1c27186cfccb86ccc474312162a336302fbd5e178c9fc289134cbbab1f8a94c5440f89a3ac0ee88885310ba92b2cbf859
-
SSDEEP
3072:1p3fHRqQQxFDeOjmaeSb6Yd5vr0x8iDWVKAUA5i+XwxR:HRcfDevimsvr0x8iDmKRA5iqwx
Static task
static1
Behavioral task
behavioral1
Sample
3a7c8d29de87cdb1b4f81540b71fc4835b509885bca4b232fe5e79c3a6cdae61.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
3a7c8d29de87cdb1b4f81540b71fc4835b509885bca4b232fe5e79c3a6cdae61.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
3a7c8d29de87cdb1b4f81540b71fc4835b509885bca4b232fe5e79c3a6cdae61
-
Score
8/10
-
Registers COM server for autorun
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-