General
-
Target
2a057c89b1d96ced1724c089b154753b
-
Size
255KB
-
Sample
231231-f6fptsdhak
-
MD5
2a057c89b1d96ced1724c089b154753b
-
SHA1
db2e2e72c8f4670a9e4bf4c9a743dcda2510d000
-
SHA256
0d17c1b7ac57d9ef3b84b7c601cec5c593f87d49d0c6ca6ea49bb0e2c01caccb
-
SHA512
ede01cedd3c9aebfd4e8167a873f59039b06b508e492f3def498afd1902017c5f6ccc89bd8e9a8fa78e996d855af39f9befe4e55b0d71e7f97b6999f14e67202
-
SSDEEP
6144:e/jyywaV4meKBMqiehW00g4KjsZPyO/2PeKwoCyO1P2+Mau:8jMajedqiWz0gFO/VBTfHu
Static task
static1
Behavioral task
behavioral1
Sample
2a057c89b1d96ced1724c089b154753b.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
2a057c89b1d96ced1724c089b154753b.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
2a057c89b1d96ced1724c089b154753b
-
Score
10/10
-
Modifies WinLogon for persistence
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-