General
-
Target
59cba8a825bc689747afddec81f6578676c1b4efee642393821e06ac06b61e15
-
Size
297KB
-
Sample
221205-rnpessbh9x
-
MD5
2650e55f76232d9245ec5b12a5e190a0
-
SHA1
76d7e3eb24dbdece105dca881bbd79728e22e2df
-
SHA256
59cba8a825bc689747afddec81f6578676c1b4efee642393821e06ac06b61e15
-
SHA512
97385b89a3582cfd22a70f3267da0d70e6139721c8610bc2a70f2c00eb7cf263f988174d381892349c0e2ebc64facc4c4c6c4ceb0c35514fbf50c9f8f33a2d32
-
SSDEEP
6144:uxFR7lcTiGTAhfNbwGpjNxS42unI7TQmnms3jKRYUEy:uxrOTAXm1nnvf
Malware Config
Targets
-
-
Target
59cba8a825bc689747afddec81f6578676c1b4efee642393821e06ac06b61e15
-
Size
297KB
-
MD5
2650e55f76232d9245ec5b12a5e190a0
-
SHA1
76d7e3eb24dbdece105dca881bbd79728e22e2df
-
SHA256
59cba8a825bc689747afddec81f6578676c1b4efee642393821e06ac06b61e15
-
SHA512
97385b89a3582cfd22a70f3267da0d70e6139721c8610bc2a70f2c00eb7cf263f988174d381892349c0e2ebc64facc4c4c6c4ceb0c35514fbf50c9f8f33a2d32
-
SSDEEP
6144:uxFR7lcTiGTAhfNbwGpjNxS42unI7TQmnms3jKRYUEy:uxrOTAXm1nnvf
Score10/10-
Modifies firewall policy service
-
Modifies security service
-
Sets service image path in registry
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-