General
-
Target
d6ec11231cb035674c0d1f98fcf84db2
-
Size
261KB
-
Sample
240319-x3jqrach34
-
MD5
d6ec11231cb035674c0d1f98fcf84db2
-
SHA1
e5c340d770e4cc958d1bab56f7f8d6ed0af2dcf5
-
SHA256
e5bc560b9bdf170987a9e2685066e7be8b991eae88c52056d183cef03aa2b456
-
SHA512
820e8840bc2c6c6a331a8a5a692f2be3c16ecb5eadbe7aa3ea74ed5c43698a72db7ba1f6bd47f79180a637458e1289c5b9a2102a60bdd6a1ccbd5d9fc49014ac
-
SSDEEP
6144:fV1yEtgWvWZryFwTnAls4pTnRQb5288x5jcPOep:fV1BRWgFwTnl4+5Ex5cPjp
Static task
static1
Behavioral task
behavioral1
Sample
d6ec11231cb035674c0d1f98fcf84db2.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
d6ec11231cb035674c0d1f98fcf84db2.exe
Resource
win10v2004-20240226-en
Malware Config
Targets
-
Target
d6ec11231cb035674c0d1f98fcf84db2
-
Score
10/10
-
Modifies WinLogon for persistence
-
Deletes itself
-
Executes dropped EXE
-
Loads dropped DLL
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-
Suspicious use of SetThreadContext
-