General
Target: 8b01d8b8c9bd31abf6ccfcf968e4c8c8
Size: 195KB
Sample: 240203-bldbraddf7
MD5: 8b01d8b8c9bd31abf6ccfcf968e4c8c8
SHA1: 8497fd7e233e2a5a0bd170e43e0216e94361a358
SHA256: 44efd6f8cf47008cf991cf82ff9fa3375fbaa4568fb80621a29f3fa4e6ea6476
SHA512: b93e9b552732e1e9556b0d89d72a11b384ea7cbfbdc8f3717d060b1726e1eea7ea6e0f6432e5479dd5068c262bcb67629a97b997b7811869e98c4d88a2a4c236
SSDEEP: 3072:cZ3dHs/VVlClI8Zw9GurTKQQSP7GV6GOGSqszwQu5CTQ:cZ1s/VII411AjN1wQu5C8
Static task: static1
Behavioral task: behavioral1
  Sample: 8b01d8b8c9bd31abf6ccfcf968e4c8c8.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 8b01d8b8c9bd31abf6ccfcf968e4c8c8.exe
  Resource: win10v2004-20231222-en
Malware Config
Targets
Target: 8b01d8b8c9bd31abf6ccfcf968e4c8c8
Score: 7/10
Deletes itself
Executes dropped EXE
Loads dropped DLL
Registers COM server for autorun
Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
Drops desktop.ini file(s)
Suspicious use of SetThreadContext