General
-
Target
5fedbc3b71195496fc6aebff9d06997c0540ee7a6a8570c86ead9551fddaf146
-
Size
260KB
-
Sample
221206-przc3ahc83
-
MD5
62429d650d4228fcced6b458eb63e91a
-
SHA1
e844029fc1d45047c75dafd5d3b93ec86b431a0d
-
SHA256
5fedbc3b71195496fc6aebff9d06997c0540ee7a6a8570c86ead9551fddaf146
-
SHA512
2dfe745b97cc746dda87d20073ecaf8818d145444dd5acdf12c386fe5bf3861754cc30c9d8da0852948fae8078335aeaf354c11f1a22e49eed2bf8ca43f01fd8
-
SSDEEP
6144:HVyRQUrDVjUi3ZAmT2lq70xVP1YTCBlmsFvXXMI:HVy6Ur5VJ70/dME5XXB
Malware Config
Targets
-
-
Target
5fedbc3b71195496fc6aebff9d06997c0540ee7a6a8570c86ead9551fddaf146
-
Size
260KB
-
MD5
62429d650d4228fcced6b458eb63e91a
-
SHA1
e844029fc1d45047c75dafd5d3b93ec86b431a0d
-
SHA256
5fedbc3b71195496fc6aebff9d06997c0540ee7a6a8570c86ead9551fddaf146
-
SHA512
2dfe745b97cc746dda87d20073ecaf8818d145444dd5acdf12c386fe5bf3861754cc30c9d8da0852948fae8078335aeaf354c11f1a22e49eed2bf8ca43f01fd8
-
SSDEEP
6144:HVyRQUrDVjUi3ZAmT2lq70xVP1YTCBlmsFvXXMI:HVy6Ur5VJ70/dME5XXB
Score10/10-
Modifies firewall policy service
-
Modifies security service
-
Sets service image path in registry
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-