General
-
Target
0d78f8ff57b80051d420a65e662a6963
-
Size
180KB
-
Sample
231230-ed7geahgc6
-
MD5
0d78f8ff57b80051d420a65e662a6963
-
SHA1
36a6db3c959ec1428b9a6d4a4d8e27859f3578b1
-
SHA256
f5cfa030811c570f04948cbc8a217398558483bf5c415bf51633d50af8b3013f
-
SHA512
b367d91e24d7cf1476511a2d8bb0202fec89fee0b840984549503c060190d14995d2950fe50889afd358fd4b231da90e509e049f1ac66303fbd51036a015bf81
-
SSDEEP
3072:ODnR8TKwj5PPFJf4wiCNxQvMo05XqptaYjq0i2D0ef9CIKHFdhs/:ODR+dPPFdomQvMo1a0i20ebylk
Static task
static1
Behavioral task
behavioral1
Sample
0d78f8ff57b80051d420a65e662a6963.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0d78f8ff57b80051d420a65e662a6963.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
0d78f8ff57b80051d420a65e662a6963
Score
7/10
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Adds Run key to start application
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-