General
-
Target
884088ab1fcc6d5cf914644a72cf41212ba806015b3f94cddfe0527a2699f9bc
-
Size
181KB
-
Sample
221125-jcwqqsbb42
-
MD5
cbe651fb6de2f98242351804a24b6112
-
SHA1
763c308f83f97a8bb1dfa5c3213d3194ff48900c
-
SHA256
884088ab1fcc6d5cf914644a72cf41212ba806015b3f94cddfe0527a2699f9bc
-
SHA512
b8e8b2ff0750e243572429beaa8aa8735066ec50fd7ce378f97a0a6026b7a1ac4120d19dc2f53d9b07290c9d8e4adb99fec51b79acc1c3653c5218e840050d73
-
SSDEEP
3072:iIDlrRGTE8OkbARI4/ALZPEKG3A+/ftQayV1EjJKF0YJENdhyK8AuUr/:lZrAv5b0IDLalw2yV1+I9J2uAu
Static task
static1
Behavioral task
behavioral1
Sample
884088ab1fcc6d5cf914644a72cf41212ba806015b3f94cddfe0527a2699f9bc.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
884088ab1fcc6d5cf914644a72cf41212ba806015b3f94cddfe0527a2699f9bc.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
884088ab1fcc6d5cf914644a72cf41212ba806015b3f94cddfe0527a2699f9bc
-
Size
181KB
-
MD5
cbe651fb6de2f98242351804a24b6112
-
SHA1
763c308f83f97a8bb1dfa5c3213d3194ff48900c
-
SHA256
884088ab1fcc6d5cf914644a72cf41212ba806015b3f94cddfe0527a2699f9bc
-
SHA512
b8e8b2ff0750e243572429beaa8aa8735066ec50fd7ce378f97a0a6026b7a1ac4120d19dc2f53d9b07290c9d8e4adb99fec51b79acc1c3653c5218e840050d73
-
SSDEEP
3072:iIDlrRGTE8OkbARI4/ALZPEKG3A+/ftQayV1EjJKF0YJENdhyK8AuUr/:lZrAv5b0IDLalw2yV1+I9J2uAu
Score10/10-
Modifies security service
-
Executes dropped EXE
-
Registers COM server for autorun
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-