General
-
Target
ce14ae14aca5c20c7c2120944d709c4b
-
Size
252KB
-
Sample
240316-pt2afadb69
-
MD5
ce14ae14aca5c20c7c2120944d709c4b
-
SHA1
386fc157b9782d7a7da94575558508f6793dfb53
-
SHA256
856166b6445415c6dfa476171b1295b91853a68ed81cedc690e836aba28633d0
-
SHA512
3098017f1e40df98f8a46ddb48b06550ff83adac2e9ddb43d996446f478ff7841fd268780ac5f2eee1e1407813c9d58280cdc396b03c3e54cc659230fc3e30c9
-
SSDEEP
6144:9hEBeRyGESBHIn4twz9I0Ys/RJV/4pPr3VPIYr++YEAAAQcp5hA:9KM9jBHI46zDJV/0zVPNOQc/u
Static task
static1
Behavioral task
behavioral1
Sample
ce14ae14aca5c20c7c2120944d709c4b.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
ce14ae14aca5c20c7c2120944d709c4b.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
-
Target
ce14ae14aca5c20c7c2120944d709c4b
-
Score
10/10
-
Modifies WinLogon for persistence
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-