General
-
Target
92e77066ada0501bfd8f469e71cfd8fd916c75dd38e496e206d58d55a9747305
-
Size
168KB
-
Sample
221127-t4gq1aca64
-
MD5
24d74f4e393403285cb6766dcef5f8ec
-
SHA1
3fa1f0911384fd9912af47bbc72f79bcde925c2d
-
SHA256
92e77066ada0501bfd8f469e71cfd8fd916c75dd38e496e206d58d55a9747305
-
SHA512
d6bf5c69ed412a1fd59235c2fb7f97574d9adf24f0488dfc1fbdb6f9120f6134790e45fd163d99fc44c65f4138d98114bfb0129c205f1dbac369536c58bb02d0
-
SSDEEP
3072:CrU8REj7lO48uutkxZeKtsNruxCuZUaHtxb2aQk3O2aT6EXzvRFtmio/67wVsCgq:CrU8aY4TToxN4CkTPp3iVFtmio/67cxS
Malware Config
Targets
-
-
Target
92e77066ada0501bfd8f469e71cfd8fd916c75dd38e496e206d58d55a9747305
-
Size
168KB
-
MD5
24d74f4e393403285cb6766dcef5f8ec
-
SHA1
3fa1f0911384fd9912af47bbc72f79bcde925c2d
-
SHA256
92e77066ada0501bfd8f469e71cfd8fd916c75dd38e496e206d58d55a9747305
-
SHA512
d6bf5c69ed412a1fd59235c2fb7f97574d9adf24f0488dfc1fbdb6f9120f6134790e45fd163d99fc44c65f4138d98114bfb0129c205f1dbac369536c58bb02d0
-
SSDEEP
3072:CrU8REj7lO48uutkxZeKtsNruxCuZUaHtxb2aQk3O2aT6EXzvRFtmio/67wVsCgq:CrU8aY4TToxN4CkTPp3iVFtmio/67cxS
Score10/10-
Modifies firewall policy service
-
Modifies security service
-
Registers COM server for autorun
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-