General
-
Target
3c749acb0552370a6d41e87c13fa66c3897cf923ba6eabd64d4ba5d9cf055912
-
Size
155KB
-
Sample
221128-r44jnabc98
-
MD5
05d894131da48f68009481f209933288
-
SHA1
f6756060274cea91da4ec41d6b472842ef009a3b
-
SHA256
3c749acb0552370a6d41e87c13fa66c3897cf923ba6eabd64d4ba5d9cf055912
-
SHA512
69ae2d6247e9bc19f3baae5cba1695b5a2023a8fdb72eb6daa6db2d4e6b020100cbd00af20c5b83e8031deab644f703abc79086da3ae109bf931f3dda2e534ef
-
SSDEEP
3072:2bm9g/M7Er4lQJWS9VM7dGm6ydOJoIArfYqbNjGXlk8BFLPHSeSI:Um9t7V2WSfMhGm6pJoIArf/5oa8BFO
Static task
static1
Behavioral task
behavioral1
Sample
3c749acb0552370a6d41e87c13fa66c3897cf923ba6eabd64d4ba5d9cf055912.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
3c749acb0552370a6d41e87c13fa66c3897cf923ba6eabd64d4ba5d9cf055912.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
3c749acb0552370a6d41e87c13fa66c3897cf923ba6eabd64d4ba5d9cf055912
-
Size
155KB
-
MD5
05d894131da48f68009481f209933288
-
SHA1
f6756060274cea91da4ec41d6b472842ef009a3b
-
SHA256
3c749acb0552370a6d41e87c13fa66c3897cf923ba6eabd64d4ba5d9cf055912
-
SHA512
69ae2d6247e9bc19f3baae5cba1695b5a2023a8fdb72eb6daa6db2d4e6b020100cbd00af20c5b83e8031deab644f703abc79086da3ae109bf931f3dda2e534ef
-
SSDEEP
3072:2bm9g/M7Er4lQJWS9VM7dGm6ydOJoIArfYqbNjGXlk8BFLPHSeSI:Um9t7V2WSfMhGm6pJoIArf/5oa8BFO
Score10/10-
Modifies security service
-
Executes dropped EXE
-
Registers COM server for autorun
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-