General
-
Target
6c77b7e0252c173dd07ad24502a6c3f6c4ef35369960c195b8ffbd6da44a6a57
-
Size
322KB
-
Sample
221126-2ksyxsea2y
-
MD5
60ed5a19cb1e429e27a49ac1cecc1199
-
SHA1
96c0e8775887e85e9ecd0137d120e70da447c00d
-
SHA256
6c77b7e0252c173dd07ad24502a6c3f6c4ef35369960c195b8ffbd6da44a6a57
-
SHA512
99304365ddee503eba659022dc13e56643c5d3d19a07f85ae8b61122d744b8b2e798d9fd3528ae5325c931efbfba876063af5b1d61b0093c681d8189471d3630
-
SSDEEP
6144:tp+HhQ7fH9gH/MaQojHY5LYwBgY3xbimcDbcDF82xrjTswnowIa:tp+HhQJiMhsHYPSigmcDbCF82RTTow
Malware Config
Targets
-
-
Target
6c77b7e0252c173dd07ad24502a6c3f6c4ef35369960c195b8ffbd6da44a6a57
-
Size
322KB
-
MD5
60ed5a19cb1e429e27a49ac1cecc1199
-
SHA1
96c0e8775887e85e9ecd0137d120e70da447c00d
-
SHA256
6c77b7e0252c173dd07ad24502a6c3f6c4ef35369960c195b8ffbd6da44a6a57
-
SHA512
99304365ddee503eba659022dc13e56643c5d3d19a07f85ae8b61122d744b8b2e798d9fd3528ae5325c931efbfba876063af5b1d61b0093c681d8189471d3630
-
SSDEEP
6144:tp+HhQ7fH9gH/MaQojHY5LYwBgY3xbimcDbcDF82xrjTswnowIa:tp+HhQJiMhsHYPSigmcDbCF82RTTow
Score10/10-
Modifies firewall policy service
-
Adds policy Run key to start application
-
Modifies Installed Components in the registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Uses the VBS compiler for execution
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-