General
Target: c2fc7ad9cd3fe4c6ba65622c336b40ee826c8085e3e0c26b27935790983f2793
Size: 142KB
Sample: 221204-wgm1lscb95
MD5: dbd77f230c9298c788ef00c412b19682
SHA1: d92f1e462062e04d840ee563ade55a912b9492ca
SHA256: c2fc7ad9cd3fe4c6ba65622c336b40ee826c8085e3e0c26b27935790983f2793
SHA512: 06394f83d0e388bf000f8c11462cbc70353b9797f5e9934e0158a80b59e34dc228596f50016afe95e07e5395918e81a6df723ee10289964ca6c2ff884b05debe
SSDEEP: 3072:vQNfwH5j97KPyZkb2se8RV1MMFhozjnx3YhljCl7qje:vQaB97KPyZ/2V1MkhaYjClie

Static task: static1

Behavioral task: behavioral1
Sample: c2fc7ad9cd3fe4c6ba65622c336b40ee826c8085e3e0c26b27935790983f2793.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: c2fc7ad9cd3fe4c6ba65622c336b40ee826c8085e3e0c26b27935790983f2793.exe
Resource: win10v2004-20220812-en

Malware Config
Targets
Target: c2fc7ad9cd3fe4c6ba65622c336b40ee826c8085e3e0c26b27935790983f2793
Score: 10/10
Modifies firewall policy service
Modifies security service
Sets service image path in registry
Deletes itself
Unexpected DNS network traffic destination
    Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Adds Run key to start application
Drops desktop.ini file(s)
Suspicious use of SetThreadContext