General
Target: b7be0c34018e4c3f1388d34a19d25699981aaf9f5b8653427380af1511104283
Size: 181KB
Sample: 221201-rvv6xsge25
MD5: b617870076771695388d115a53271979
SHA1: 585a4d59e244337d438233b53ee62114f7da4f4b
SHA256: b7be0c34018e4c3f1388d34a19d25699981aaf9f5b8653427380af1511104283
SHA512: 2e4c0f19d3aaf3ecf249d4268c9cc338022d5a613642d9c90d344ced272408e531e7e8e47934a69145e52f100444c5de51322aaf70de41d205041accbf010b00
SSDEEP: 3072:hZoXbxYGp32ZyLq7gcp0zShRg5sAdKa2ll4CKf7hCN4QRRk4NBAfuyK8AuUVIsqg:hZOY4C2zSE5RgV/gS4QzkgmGuAuLa
Static task: static1
Behavioral task: behavioral1
Sample: b7be0c34018e4c3f1388d34a19d25699981aaf9f5b8653427380af1511104283.exe
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: b7be0c34018e4c3f1388d34a19d25699981aaf9f5b8653427380af1511104283.exe
Resource: win10v2004-20221111-en
Malware Config
Targets
Target: b7be0c34018e4c3f1388d34a19d25699981aaf9f5b8653427380af1511104283
Size: 181KB
Score: 10/10
- Modifies firewall policy service
- Modifies security service
- Executes dropped EXE
- Registers COM server for autorun
- Deletes itself
- Unexpected DNS network traffic destination: network traffic to servers other than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext