General
-
Target
6eb5f18896abf80b4038bc6650196d8017959bd6963af27225f2e10762497615
-
Size
178KB
-
Sample
221129-jx4bbaah45
-
MD5
727cf305772860abd334c71d7bc36059
-
SHA1
ed9da02796cec03459453485dd44858dda180938
-
SHA256
6eb5f18896abf80b4038bc6650196d8017959bd6963af27225f2e10762497615
-
SHA512
26ab7384dbff320132d4d9501456d3ef88e5045cfdf48ef097849f61fab4ea8655e8c07c3d3926500c07e0ddd33291005c7c926db4596e96c600de58a6c6c56a
-
SSDEEP
3072:5lZeYd+OK4GoCsMQFG+jpAjhMLtnpSjX/1UTyHXgBmJQHOmBODE6TGquD5csHUHK:5rld+O6slgGpmhMhUjaXBQQdB2Cb3LF3
Malware Config
Targets
-
-
Target
6eb5f18896abf80b4038bc6650196d8017959bd6963af27225f2e10762497615
-
Size
178KB
-
MD5
727cf305772860abd334c71d7bc36059
-
SHA1
ed9da02796cec03459453485dd44858dda180938
-
SHA256
6eb5f18896abf80b4038bc6650196d8017959bd6963af27225f2e10762497615
-
SHA512
26ab7384dbff320132d4d9501456d3ef88e5045cfdf48ef097849f61fab4ea8655e8c07c3d3926500c07e0ddd33291005c7c926db4596e96c600de58a6c6c56a
-
SSDEEP
3072:5lZeYd+OK4GoCsMQFG+jpAjhMLtnpSjX/1UTyHXgBmJQHOmBODE6TGquD5csHUHK:5rld+O6slgGpmhMhUjaXBQQdB2Cb3LF3
Score10/10-
Modifies firewall policy service
-
Modifies security service
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-