General
-
Target
93714270f4216954a6dfec6356485bfa63ef41dd3f9652dce407e9749b869b4e
-
Size
223KB
-
Sample
231208-3zpqgsfbc6
-
MD5
ed324a12e5e9c4295820b27774d578fe
-
SHA1
8886f54fd3bbb045f9f1e6dccb21267a4a72657a
-
SHA256
93714270f4216954a6dfec6356485bfa63ef41dd3f9652dce407e9749b869b4e
-
SHA512
f52e9cf86b0430ee31f5b53518bf7c625e3aeb80fb9efbb781468108dd00f9c243bcbd164badd62ef2b2a5ac59c4abadbb21b3c564318210ac0aa14e923c59c6
-
SSDEEP
3072:pZ7wXfSRZ0ON/EwW66wN94xu4CkAZJM2k5D66L+NfGbVON2Nqi/6gS5UoWXHz72n:jwPSUONLNsuWA7koN+boRi9S6oiz72D
Behavioral task
behavioral1
Sample
93714270f4216954a6dfec6356485bfa63ef41dd3f9652dce407e9749b869b4e.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
93714270f4216954a6dfec6356485bfa63ef41dd3f9652dce407e9749b869b4e.exe
Resource
win10v2004-20231130-en
Malware Config
Targets
-
-
Target
93714270f4216954a6dfec6356485bfa63ef41dd3f9652dce407e9749b869b4e
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-
Drops file in Drivers directory
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops file in System32 directory
-