General
Target: ca8ed393a116f6506430c303d304cbddeb655d56849c74729f198839cb292e9d
Size: 200KB
Sample: 221201-v9sacsce86
MD5: d388be060d5ca71006b685af697f458b
SHA1: 8361de36317750d04d67fe0ccaf3d7171bbad1a0
SHA256: ca8ed393a116f6506430c303d304cbddeb655d56849c74729f198839cb292e9d
SHA512: 0a7c4df54f23bc3ba54b35773f3ebc6e04d05a95c096e401b996ad373bd1e47746959025ec8f1224a6a4625a924b37786659c3ed88355ee28d0aa110c20c64e6
SSDEEP: 3072:/GLqjiqPjAKvL9N/oSIcDQXujknJNsMuAAgASL+Ftr1mouZ4D/B+G+ImTjo:OLqjiQAKTw08XNJNjqw+nr1HHk4
Static task: static1
Behavioral task: behavioral1
Sample: ca8ed393a116f6506430c303d304cbddeb655d56849c74729f198839cb292e9d.exe
Resource: win7-20220901-en
Behavioral task: behavioral2
Sample: ca8ed393a116f6506430c303d304cbddeb655d56849c74729f198839cb292e9d.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: ca8ed393a116f6506430c303d304cbddeb655d56849c74729f198839cb292e9d
Score: 8/10
- Registers COM server for autorun
- Deletes itself
- Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
- Drops desktop.ini file(s)
- Suspicious use of SetThreadContext