General
-
Target
7648837c1662a2aa04dfe9445a38fe38
-
Size
281KB
-
Sample
240126-d6j15seegm
-
MD5
7648837c1662a2aa04dfe9445a38fe38
-
SHA1
57bf107c518134d20b482bd16d26e0d3e9237b3d
-
SHA256
c9113d59f62469218952967fb4b007199182241e4aa8fc593b8af7415a4c97db
-
SHA512
be0e340b7d44fc4b94c18c47acb479952675825734009ddee9447513fe1eceefc13216940aa992d1b6e2c63c1c856c7be5346a867c1dfd5e6fbbf12979d55914
-
SSDEEP
6144:cA6W7hZWRuuMrkNw2KQU1uJQIfvYmziFMm8LXoBmbOhFUI5Au:chW7r7rkieUUBfvChUXmmbqKt
Static task
static1
Behavioral task
behavioral1
Sample
7648837c1662a2aa04dfe9445a38fe38.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
7648837c1662a2aa04dfe9445a38fe38.exe
Resource
win10v2004-20231222-en
Malware Config
Targets
-
-
Target
7648837c1662a2aa04dfe9445a38fe38
-
Score
10/10
-
Modifies WinLogon for persistence
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-