General
Target: tq.jpg
Size: 221KB
Sample: 230330-y3863sfe9w
MD5: 8296e188b3d8d564c388343aa7750148
SHA1: 1186da1b5ace8b372c66e69356360fab22baae3f
SHA256: 5671393fa023e67e323e8a4329c3f501172f481ee205cf0d0a9425643b6ea7e4
SHA512: 2c44bbb0fcecbdc2ac87aeb59901f02843e152fcd45a572072783f4ee6f855ae1b45b7bc94931af9d6c83a2a03f661d8854222d0bb3ac4f191c6c78a6af533ee
SSDEEP: 6144:LW2mnNJHkM+3GokGAV4lVh9/pOBsyEsbth:L5mPHkIokGiG7tpOBWs
Behavioral task: behavioral1
Sample: tq.exe
Resource: win7-20230220-en
Malware Config
Targets
Detect Blackmoon payload
Gh0st RAT payload
Registers new Print Monitor
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.