General
-
Target
b5822d576fe3933d8f9534289e26d9761e67496ce3fdf2e0d8807d9987b4d4a4
-
Size
134KB
-
Sample
221130-2v9pesfg41
-
MD5
5c178327d43e17ae6d5481b3a7639590
-
SHA1
f6163f9989bc2dc3e3985edc201529e11bbc494c
-
SHA256
b5822d576fe3933d8f9534289e26d9761e67496ce3fdf2e0d8807d9987b4d4a4
-
SHA512
a3c7101fdf7885eb210aec5892390ae531c076934ba46c2693a26d2907c8dc6b274364baeea18258a9aa91e6c2c9426cdc00b93b2c82d0f3de00d7532faf6163
-
SSDEEP
3072:G7fsRe6fCAKYInTyNaRRvZ9Rn+h/F91vHuL2R7VlS:GLsRZCAJqyNar0DTL
Static task
static1
Behavioral task
behavioral1
Sample
b5822d576fe3933d8f9534289e26d9761e67496ce3fdf2e0d8807d9987b4d4a4.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
b5822d576fe3933d8f9534289e26d9761e67496ce3fdf2e0d8807d9987b4d4a4.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
b5822d576fe3933d8f9534289e26d9761e67496ce3fdf2e0d8807d9987b4d4a4
Score
10/10
-
Modifies firewall policy service
-
Modifies security service
-
Sets service image path in registry
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-