General
-
Target
3567269bcfe63144d491cc786d7013275122fd44346c0dfdc7b30a7ea93f5ff6
-
Size
168KB
-
Sample
221123-ry17cahh22
-
MD5
2bf9ee931213b9c87644d329a785c6aa
-
SHA1
c388eb94ca7d6bc8ae08fb149672fc81d9e68f12
-
SHA256
3567269bcfe63144d491cc786d7013275122fd44346c0dfdc7b30a7ea93f5ff6
-
SHA512
eea4e7bbf381f76d045fc5651fe89463b449b5c9f3ea60a12842e2bb95191dbedd68c7b80d64bce1961e75ab7f7310af3b81843d51066217691fcae097cf32ac
-
SSDEEP
3072:UnK52oDAHbzDwZ39PyDI9+C58bBEY440D0Kw8zS6lFN/GK49yYLyms0:sbzuQOmGY4xnfXg
Static task
static1
Behavioral task
behavioral1
Sample
3567269bcfe63144d491cc786d7013275122fd44346c0dfdc7b30a7ea93f5ff6.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
3567269bcfe63144d491cc786d7013275122fd44346c0dfdc7b30a7ea93f5ff6.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
3567269bcfe63144d491cc786d7013275122fd44346c0dfdc7b30a7ea93f5ff6
-
Score
10/10
-
Modifies firewall policy service
-
Modifies security service
-
Registers COM server for autorun
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-