General
Target: 1df8f824379697c76f37e431199ce4aa
Size: 220KB
Sample: 231225-pjx52acdh6
MD5: 1df8f824379697c76f37e431199ce4aa
SHA1: 9ce9b6d61ca0b00d0c81b263c81fcc9b89036261
SHA256: 20a2d654884a86d09618f3e5d62f69be0657964f08670457a2c8e4d95660127f
SHA512: 0d3f92b5816e047af7aa6c6bd0bb116efde20f5668971225b538da1f615531570377c219bcf100159e0874c9753d746f57c2f1f41a11c783d5e5adf71a41e9d4
SSDEEP: 6144:t7hTDT4k+qylLyPs4JXcEvXyT6DamSxdN7h:t71ZilLyPRqusdN7
Static task: static1
Behavioral task: behavioral1
Sample: 1df8f824379697c76f37e431199ce4aa.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 1df8f824379697c76f37e431199ce4aa.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Score: 7/10
Deletes itself
Executes dropped EXE
Registers COM server for autorun
Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Drops desktop.ini file(s)
Suspicious use of SetThreadContext