General
-
Target
8dee4abfdb21c3f74100f83f388a350e8dbef4c2740a1a9e37fee293f6e09cd2
-
Size
160KB
-
Sample
221124-2b3f1agc2v
-
MD5
01183166fbe73829f070df7f433535af
-
SHA1
12dba89f2c869ff6f12f8005dfb004628e2c983d
-
SHA256
8dee4abfdb21c3f74100f83f388a350e8dbef4c2740a1a9e37fee293f6e09cd2
-
SHA512
f8f063332a9c68eee507b0131011f577be2e6115991be36721c7dacc723ae0afe78c63e8e58c1f42d32f86475a82f40a4d123d66e4364bf3ad62418062325e56
-
SSDEEP
3072:KSoqfIPMILiKeWc92Q8wyyfmsaPFwyv9AvEcsmB5Oa0q/2uCzak:HIUILNisDyfmVuxMZq/z8ak
Static task
static1
Behavioral task
behavioral1
Sample
8dee4abfdb21c3f74100f83f388a350e8dbef4c2740a1a9e37fee293f6e09cd2.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
8dee4abfdb21c3f74100f83f388a350e8dbef4c2740a1a9e37fee293f6e09cd2.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
8dee4abfdb21c3f74100f83f388a350e8dbef4c2740a1a9e37fee293f6e09cd2
-
Score
8/10
-
Executes dropped EXE
-
Registers COM server for autorun
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-