General
Target: 6811f2cb0a44d9a86b39d82ac52fd163740469105f68400f80e7439bceeb175a
Size: 1.1MB
Sample: 221201-epnhnscg32
MD5: 379f9e9da8777d1ce68c3d5a6840b0ea
SHA1: 1bd13e84506906e906ff6088800efa9cdb171a1c
SHA256: 6811f2cb0a44d9a86b39d82ac52fd163740469105f68400f80e7439bceeb175a
SHA512: b2eccb3d8d0630decf7724ce737712c9733da7806eed112d84a4d5b82adf734f613bc3e1774f01cdcb877cd345e500d051d60e911d137db4143caed76f54eae9
SSDEEP: 24576:eZncX5lEILuXVW1uPKY0vsV9yX8nUuG9c:eBcXMIQVWESYWGYfr
Static task: static1
Behavioral task: behavioral1
Sample: 6811f2cb0a44d9a86b39d82ac52fd163740469105f68400f80e7439bceeb175a.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 6811f2cb0a44d9a86b39d82ac52fd163740469105f68400f80e7439bceeb175a.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: 6811f2cb0a44d9a86b39d82ac52fd163740469105f68400f80e7439bceeb175a
Score: 10/10
Modifies firewall policy service
Adds policy Run key to start application
Modifies Installed Components in the registry
Uses the VBS compiler for execution
Adds Run key to start application
Drops desktop.ini file(s)
Suspicious use of SetThreadContext