General
-
Target
3f6f2f6a6c5867031f8480fd8df6ee2161459d19f1579d96c6fc6bbf73c482af
-
Size
249KB
-
Sample
221130-3e642aec96
-
MD5
21d3a298c79dfffaaed4b58a5e26d620
-
SHA1
ad3f9a34baba30237fefe12354fe740f8721f08b
-
SHA256
3f6f2f6a6c5867031f8480fd8df6ee2161459d19f1579d96c6fc6bbf73c482af
-
SHA512
d273256862b223935e9249f89390e2164f1ebaaa75606d2cc7fbde0ff4d074135cefe4e1a1c743448e104acc0a935b215c848eba9f72c5e82369e3ec6945755d
-
SSDEEP
3072:aDovmVVTVhWxJ0pUkkbKZfG+c9zf0j70ZjsGTOm1jZLEnUMDS2jbxWGq6p:EzVHhz6kkyi9zgwqRvUMDSbGq
Malware Config
Targets
-
-
Target
3f6f2f6a6c5867031f8480fd8df6ee2161459d19f1579d96c6fc6bbf73c482af
-
Size
249KB
-
MD5
21d3a298c79dfffaaed4b58a5e26d620
-
SHA1
ad3f9a34baba30237fefe12354fe740f8721f08b
-
SHA256
3f6f2f6a6c5867031f8480fd8df6ee2161459d19f1579d96c6fc6bbf73c482af
-
SHA512
d273256862b223935e9249f89390e2164f1ebaaa75606d2cc7fbde0ff4d074135cefe4e1a1c743448e104acc0a935b215c848eba9f72c5e82369e3ec6945755d
-
SSDEEP
3072:aDovmVVTVhWxJ0pUkkbKZfG+c9zf0j70ZjsGTOm1jZLEnUMDS2jbxWGq6p:EzVHhz6kkyi9zgwqRvUMDSbGq
Score10/10-
Modifies security service
-
Executes dropped EXE
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-