General
-
Target
744695826257863c7567c820c4c6e8c0
-
Size
281KB
-
Sample
240125-kx6bcadbgk
-
MD5
744695826257863c7567c820c4c6e8c0
-
SHA1
1ed6df7ec410eb9035049e341fbcedb7d60928b9
-
SHA256
35efd6e55c007cb23d1dbdad8739fc2168b5b922f54b2dadbc413e5eb31decc5
-
SHA512
3dd3fdab83d147023122bb887f4065c182dd7d338fa6dba17932b54d24a4d68cd6289f6d365e1fbfb8940e3658bef2b050a8207c9afd2447e571d7a6759985ac
-
SSDEEP
6144:cA6W7hZWRquMrkNw2KQU1uJQIfvYmziFMm8LXoBmbOhFUI5Au:chW7r3rkieUUBfvChUXmmbqKt
Static task
static1
Behavioral task
behavioral1
Sample
744695826257863c7567c820c4c6e8c0.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
744695826257863c7567c820c4c6e8c0.exe
Resource
win10v2004-20231215-en
Malware Config
Targets
-
-
Target
744695826257863c7567c820c4c6e8c0
-
Score
10/10
-
Modifies WinLogon for persistence
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-