General
Target
6bf1f9b0bb08ae83980cf8d36728960f
Size
254KB
Sample
240121-bchj4sbfap
MD5
6bf1f9b0bb08ae83980cf8d36728960f
SHA1
85315cb047b5f480dead9cec00808af736c461d0
SHA256
4ff24f30cb031f75ba93c51a8604cdf90c8b112bd848df84c991713b5d5d3078
SHA512
ab3ba9b2a8cbb4fda04f0204ad01ab55c4ffa98547177b6ece0161fb790d8c8b37ab2c1252bafd74a4f7c0d372fa1717b78ff18e278662b3e5e643dfbc7e6a3f
SSDEEP
6144:haF5DXU2maEPKJnocyEzMEGH+BhZJm38TYouT:s7DXAFCucNAEvrTT
Static task
static1
Behavioral task
behavioral1
Sample
6bf1f9b0bb08ae83980cf8d36728960f.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
6bf1f9b0bb08ae83980cf8d36728960f.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
Target
6bf1f9b0bb08ae83980cf8d36728960f
Score
10/10
Modifies WinLogon for persistence
Deletes itself
Executes dropped EXE
Loads dropped DLL
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Suspicious use of SetThreadContext