General
-
Target
3fc82343a2a224d0be16973915fbc47b4fce677d9a12f71b52319b68d2f3dfe2
-
Size
231KB
-
Sample
221129-llqbesag7y
-
MD5
3769a8e2f236f86a534b1e2d0739e960
-
SHA1
1b1a56bbc58088baa5d5eb58931010e76a22a16d
-
SHA256
3fc82343a2a224d0be16973915fbc47b4fce677d9a12f71b52319b68d2f3dfe2
-
SHA512
349364c016d36ff6995b2386a376701ffa9725c2b785fea39437bc35d074a8e001fc143d75b601bb670f9f569d7465e4ea4870a162899aeb5131359f7d87915f
-
SSDEEP
6144:zT0pBR5eGj/uV7BoGPJnClt3RlxAMjWt5sTDf4M:wBXeeu5dJCltTxQKAM
Malware Config
Targets
-
-
Target
3fc82343a2a224d0be16973915fbc47b4fce677d9a12f71b52319b68d2f3dfe2
-
Size
231KB
-
MD5
3769a8e2f236f86a534b1e2d0739e960
-
SHA1
1b1a56bbc58088baa5d5eb58931010e76a22a16d
-
SHA256
3fc82343a2a224d0be16973915fbc47b4fce677d9a12f71b52319b68d2f3dfe2
-
SHA512
349364c016d36ff6995b2386a376701ffa9725c2b785fea39437bc35d074a8e001fc143d75b601bb670f9f569d7465e4ea4870a162899aeb5131359f7d87915f
-
SSDEEP
6144:zT0pBR5eGj/uV7BoGPJnClt3RlxAMjWt5sTDf4M:wBXeeu5dJCltTxQKAM
Score10/10-
Modifies firewall policy service
-
Modifies security service
-
Executes dropped EXE
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-