General
-
Target
45e8f263c76074a06d84a9104221216e
-
Size
197KB
-
Sample
240106-lplseadha8
-
MD5
45e8f263c76074a06d84a9104221216e
-
SHA1
31658a5d3641718e72ea286636db99a2f487fa98
-
SHA256
6e275a1c573096bb89612897a765becb0e1f9e4cd40ad93b65684692006bee57
-
SHA512
554cceda667f67839a59a8fabcebc106ac21568cb9df88511cbe6507ed720b874f26dba3fa19e0dd1b96e29506daa21cece35d2944292751cfda260318e813c4
-
SSDEEP
3072:aFaIHvps6EopEftBNkh0pyEIyidKAC66RXLB74kZ03:aFalpo+V7/JiEygVc
Static task
static1
Behavioral task
behavioral1
Sample
45e8f263c76074a06d84a9104221216e.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
45e8f263c76074a06d84a9104221216e.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
Target
45e8f263c76074a06d84a9104221216e
-
Score
7/10
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-