General
Target: 3be35e189596994f537178460af5f99b
Size: 169KB
Sample: 240101-e2dt1aebh5
MD5: 3be35e189596994f537178460af5f99b
SHA1: f1c1cfe0ecd553a721072cfcde5aeabdb3967c50
SHA256: 10c5fa73bd914450f11017e5520b723fdef271d2cfc9de2ab168979ccfced59c
SHA512: 7695fe0e7679f50d27d99e9eaab809ec8c1640c8d6ccd920812309c2b3048d0da7dd61b4ab388f81fabbb412213edb56b14aff40822b48d76b89f5844db9eb6a
SSDEEP: 3072:kHowtWqr5jZzeIv50DBQqoDKR5bmqWlp5FXG8mzA8CKj6p8QTvEOWeA8S+J6w4eL:2d79jpbpqpjmqWlp+d88CK2CQTvEOWeU
Static task: static1
Behavioral task: behavioral1
Sample: 3be35e189596994f537178460af5f99b.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3be35e189596994f537178460af5f99b.exe
Resource: win10v2004-20231215-en
Malware Config
Targets
Target: 3be35e189596994f537178460af5f99b
Size: 169KB
Score: 7/10
Deletes itself
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
Unexpected DNS network traffic destination: Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Drops desktop.ini file(s)
Suspicious use of SetThreadContext