General
Target: 8ebef10661973654d41d225ecf491417cb6624a90d3d1dc94408bab0fc1a6bfa
Size: 154KB
Sample: 221124-196ewach53
MD5: f568feb9d9e52e6ca4a2e9c2aa7b6ac1
SHA1: 1d54221b8506a4eefe98d7071ec2621c3892bda6
SHA256: 8ebef10661973654d41d225ecf491417cb6624a90d3d1dc94408bab0fc1a6bfa
SHA512: ee01d4806a2b0f88fb0cc9e7763f41e5dd14f5f34cb64d3e947878ab138ae61c2c390df923f799226fc73ec713c6511982f94f3f4b454d998dd6d32cdb4656e2
SSDEEP: 3072:nxbv6QZjOhmD7D2t40Dmq+1b3IHhAF0EL+z+G6j/wGoJ+2:nxbCBc2t40aq+1sGF0Exj
Static task: static1
Behavioral task: behavioral1
Sample: 8ebef10661973654d41d225ecf491417cb6624a90d3d1dc94408bab0fc1a6bfa.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: 8ebef10661973654d41d225ecf491417cb6624a90d3d1dc94408bab0fc1a6bfa.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 8ebef10661973654d41d225ecf491417cb6624a90d3d1dc94408bab0fc1a6bfa
Score: 8/10
Executes dropped EXE
Registers COM server for autorun
Deletes itself
Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Suspicious use of SetThreadContext