General
-
Target
6cc3eaef50526f145f57541b202c1025
-
Size
159KB
-
Sample
240121-jsjq4shbbm
-
MD5
6cc3eaef50526f145f57541b202c1025
-
SHA1
cec8c3bb3d2ca7aacc6918acdafc85456c88e1bf
-
SHA256
5d91fa0a62e8d79de6b130a8d6f2909e058174699a098802933cc4ff7c6e6c7f
-
SHA512
03b3fbe32284b2f6c3cf404e5912cdd542c5b106d9c44139d76b7a455ee1c47660ac6e073d1e6d6a0e09588ba933cc32d3f237246eddfa7a6a7be816e69251e0
-
SSDEEP
3072:GfIsRhQOk55XQWTt06JMZUlLQuqnvyIbtEjofeQrPvH9DRc6z+QN:GfIs85X/TqZsLQuqnVOrQrXfc6K
Static task
static1
Behavioral task
behavioral1
Sample
6cc3eaef50526f145f57541b202c1025.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
6cc3eaef50526f145f57541b202c1025.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
6cc3eaef50526f145f57541b202c1025
Score
7/10
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Registers COM server for autorun
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-