General
-
Target
287cf9a6b09fa55e351ca4683b1094fa4c5f7fa04577fe96677cef0d3a16f41c
-
Size
136KB
-
Sample
221201-f6l7lscf8v
-
MD5
07ef344a82119b06cd895c48be404840
-
SHA1
dcd28148b0e51fa300b36eb56c386054b37540c0
-
SHA256
287cf9a6b09fa55e351ca4683b1094fa4c5f7fa04577fe96677cef0d3a16f41c
-
SHA512
de5bf2b4fea01725fd1e93141e917ce3ead1a6ca3e0e4424f1c302f08207cd1c23b374ad68bfae5ed57960ef53621aa405e6594a3cba47e5a7fa727f43c3eb5d
-
SSDEEP
3072:yfilVq6lAcDqgHy0GV5t+IIJOCBHEdKVX/K/7DVV77ff4UX7b1a:yfi9lVqwyt+IIJB6KVX/KL77fftX7Y
Static task
static1
Behavioral task
behavioral1
Sample
287cf9a6b09fa55e351ca4683b1094fa4c5f7fa04577fe96677cef0d3a16f41c.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
287cf9a6b09fa55e351ca4683b1094fa4c5f7fa04577fe96677cef0d3a16f41c.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
287cf9a6b09fa55e351ca4683b1094fa4c5f7fa04577fe96677cef0d3a16f41c
Score
10/10
-
Modifies firewall policy service
-
Modifies security service
-
Sets service image path in registry
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-