Overview
overview (score 5/10)
Static
static (score 3/10)
NextDNSSet...13.exe
windows11-21h2-x64 (score 5/10)
$PLUGINSDI...em.dll
windows11-21h2-x64 (score 3/10)
$PLUGINSDI...rd.bmp
windows11-21h2-x64 (score 3/10)
$PLUGINSDI...gs.dll
windows11-21h2-x64 (score 3/10)
Driver/Nex...ne.inf
windows11-21h2-x64 (score 3/10)
Driver/Nex...ne.sys
windows11-21h2-x64 (score 1/10)
Driver/nex...ne.cat
windows11-21h2-x64 (score 1/10)
General
-
Target
NextDNSSetup-3.0.13.exe
-
Size
9.9MB
-
Sample
240430-y9wvbsha95
-
MD5
8f3d24e803207b5d3e0e2cb1d0240f82
-
SHA1
866d19bcca89de2c2de5055137cdbd7297796558
-
SHA256
1c7ed1124a0ee7e955ab0b1c1c27c6ab09ea9b644258cc5801622ed0e5ece33a
-
SHA512
fb50dbbba9277c5b42a428de127592a3dfe9fda9cde126bd494b4f6ed123edf8c0aa9f6cffed3f96f4b5ec216a642ed3278681f0898d8aa6bbdf22ca96571647
-
SSDEEP
196608:TTtKqUZYWT1YiNCi9I8RGmUU9I7WeuM9raGkZAfgaJrSMF/VZd3WJs:TTtKRPTfCCIb3U9W7u+raGL/jZz
Static task
static1
Behavioral task
behavioral1
Sample
NextDNSSetup-3.0.13.exe
Resource
win11-20240419-en
Behavioral task
behavioral2
Sample
$PLUGINSDIR/System.dll
Resource
win11-20240419-en
Behavioral task
behavioral3
Sample
$PLUGINSDIR/modern-wizard.bmp
Resource
win11-20240419-en
Behavioral task
behavioral4
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win11-20240426-en
Behavioral task
behavioral5
Sample
Driver/NextDNSEngine.inf
Resource
win11-20240426-en
Behavioral task
behavioral6
Sample
Driver/NextDNSEngine.sys
Resource
win11-20240419-en
Behavioral task
behavioral7
Sample
Driver/nextdnsengine.cat
Resource
win11-20240419-en
Malware Config
Targets
-
-
Target
NextDNSSetup-3.0.13.exe
-
Size
9.9MB
-
MD5
8f3d24e803207b5d3e0e2cb1d0240f82
-
SHA1
866d19bcca89de2c2de5055137cdbd7297796558
-
SHA256
1c7ed1124a0ee7e955ab0b1c1c27c6ab09ea9b644258cc5801622ed0e5ece33a
-
SHA512
fb50dbbba9277c5b42a428de127592a3dfe9fda9cde126bd494b4f6ed123edf8c0aa9f6cffed3f96f4b5ec216a642ed3278681f0898d8aa6bbdf22ca96571647
-
SSDEEP
196608:TTtKqUZYWT1YiNCi9I8RGmUU9I7WeuM9raGkZAfgaJrSMF/VZd3WJs:TTtKRPTfCCIb3U9W7u+raGL/jZz
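Score 5/10
Drops file in System32 directory
The report does not name the file that was written. The installer bundles a driver package (Driver/NextDNSEngine.sys, .inf and .cat), and a write under System32 is consistent with driver installation, so this signature alone does not establish malicious behaviour.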
-
-
-
Target
$PLUGINSDIR/System.dll
-
Size
12KB
-
MD5
4add245d4ba34b04f213409bfe504c07
-
SHA1
ef756d6581d70e87d58cc4982e3f4d18e0ea5b09
-
SHA256
9111099efe9d5c9b391dc132b2faf0a3851a760d4106d5368e30ac744eb42706
-
SHA512
1bd260cabe5ea3cefbbc675162f30092ab157893510f45a1b571489e03ebb2903c55f64f89812754d3fe03c8f10012b8078d1261a7e73ac1f87c82f714bce03d
-
SSDEEP
192:VjHcQ0qWTlt7wi5Aj/lM0sEWD/wtYbBjpNQybC7y+XZv0QPi:B/Qlt7wiij/lMRv/9V4bvr
Score 3/10
-
-
Target
$PLUGINSDIR/modern-wizard.bmp
-
Size
25KB
-
MD5
cbe40fd2b1ec96daedc65da172d90022
-
SHA1
366c216220aa4329dff6c485fd0e9b0f4f0a7944
-
SHA256
3ad2dc318056d0a2024af1804ea741146cfc18cc404649a44610cbf8b2056cf2
-
SHA512
62990cb16e37b6b4eff6ab03571c3a82dcaa21a1d393c3cb01d81f62287777fb0b4b27f8852b5fa71bc975feab5baa486d33f2c58660210e115de7e2bd34ea63
-
SSDEEP
24:Qwika6aSaaDaVYoG6abuJsnZs5GhI11BayNXPcDrSsUWcSphsWwlEWqCl6aHAX2x:Qoi47a5G8SddzKFIcsOz3Xz
Score 3/10
-
-
Target
$PLUGINSDIR/nsDialogs.dll
-
Size
9KB
-
MD5
1d8f01a83ddd259bc339902c1d33c8f1
-
SHA1
9f7806af462c94c39e2ec6cc9c7ad05c44eba04e
-
SHA256
4b7d17da290f41ebe244827cc295ce7e580da2f7e9f7cc3efc1abc6898e3c9ed
-
SHA512
28bf647374b4b500a0f3dbced70c2b256f93940e2b39160512e6e486ac31d1d90945acecef578f61b0a501f27c7106b6ffc3deab2ec3bfb3d9af24c9449a1567
-
SSDEEP
96:o4Ev02zUu56FcS817eTaXx85qHFcUcxSgB5PKtAtoniJninnt3DVEB3YsNqkzfFc:o4EvCu5e81785qHFcU0PuAw0uyGIFc
Score 3/10
-
-
Target
Driver/NextDNSEngine.inf
-
Size
1KB
-
MD5
592edd2ceff3324efce21ca02ec714d3
-
SHA1
d5d65ee67e3f8b03285a9940b0938c4162887a36
-
SHA256
5253306c746a0fc5f55efa4b6ad89609b8435d6936f02e0f4e2996499cbd135e
-
SHA512
5d4a71ccd0aa3083fef0475897e230c4cb60992e0ca3bbc0e3bab8ada12fe2773edb1fd6e1ef7e8646a5f298bcd5ff24cb618970f23a9fea9f16b71cee6337a1
Score 3/10
-
-
Target
Driver/NextDNSEngine.sys
-
Size
54KB
-
MD5
e481d68241cf1317131584745fc2dee6
-
SHA1
58012859330f1a9e9c59952738acbad733f24e6d
-
SHA256
3a6acb631f6259c4da569ccc740e116ffba9a1b3fd8cce81df0071eb75ad285f
-
SHA512
a635f9ed0a3f690958257eb04331e2e0d97fc02cd95a12759694ee253a30eac07885e403583c2121d2852cebc6f1385ad404f6ef701457b4b686a700a31d99bb
-
SSDEEP
768:yc1lgMZ9w2Zlc5S7D58zg3EuJNuZJQi2UOeEnb3vMos29zWG:ycE2Pc5I5uFuyZJQVBNbUlCzj
Score 1/10
-
-
Target
Driver/nextdnsengine.cat
-
Size
11KB
-
MD5
853c23283a950d306ce5f7125a703d60
-
SHA1
fa724e14ba93dff80b0bd477d0b4e28ec92f1dcb
-
SHA256
8ae7618ab184ea7a18cbb8d998d72bd05f805d1cf580ec39c6280d8b2b9ad9f6
-
SHA512
2b407285054b36c8f895711e4e5680ef3ff8464c96687612406341b25603f1f4a78fbf51af384493f2308467b89677c3167cad8227e77807ee3760c52f4b47ec
-
SSDEEP
192:iYh7577vCJC4F1agjEwOXP6hYC+I0ks9gICQX01k9z3AFQggS8Q:N757K5/k6h3+I0/P/R9zF/S8Q
Score 1/10