General
-
Target
76a52e0f78bae48b993dc88bf482c7e3
-
Size
174KB
-
Sample
231226-r5k4psggbj
-
MD5
76a52e0f78bae48b993dc88bf482c7e3
-
SHA1
85a42787e8b3eb538737abbe672f7a91b00097d9
-
SHA256
8f03db3ed48b5c5d6841f69cd8128380b12b65c1d718430e7cd5761589aa4885
-
SHA512
df44cff99ece46a6c908823aa329d3835027d3bb4b64034eebe9453a8ddda4b86b8f2aa270a3dab33fc169d532b0ee853d4f613f10dc9c99e1008d6f01a0cd54
-
SSDEEP
3072:50MT/8vPJvm/or+pzA7FF5iVDrvGai3OUanp5oYOArPfOKQDpl0XxThtONuCfmW:msqdKVUf50rv8Ha3oYOArW7Dr0X5IuCl
Static task
static1
Behavioral task
behavioral1
Sample
76a52e0f78bae48b993dc88bf482c7e3.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
76a52e0f78bae48b993dc88bf482c7e3.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
76a52e0f78bae48b993dc88bf482c7e3
Score
7/10
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-