General
Target: 1ba1a86e6f5e0e1e2f1a596018465345a90822163264c05647e8155edb88ce64
Size: 380KB
Sample: 200624-jnvqym1sqs
MD5: 1016a9cc08ad611bccaa936c16d87c32
SHA1: fa149e450522fcbcd7ae0469ded554bd7a58b6d5
SHA256: 1ba1a86e6f5e0e1e2f1a596018465345a90822163264c05647e8155edb88ce64
SHA512: 4e1d65ae643e56bb16b364f1de519a62a6f8a85c2d0709fa0d2447180ee4f293e1f8d65488d0b717d2de0d8e7b7f69b5fe65a5aa2123acd79ab10c06acac352b
Static task: static1
Behavioral task: behavioral1
Sample: 1ba1a86e6f5e0e1e2f1a596018465345a90822163264c05647e8155edb88ce64.exe
Resource: win7v200430
Behavioral task: behavioral2
Sample: 1ba1a86e6f5e0e1e2f1a596018465345a90822163264c05647e8155edb88ce64.exe
Resource: win10v200430
Malware Config
Targets
Target: 1ba1a86e6f5e0e1e2f1a596018465345a90822163264c05647e8155edb88ce64
Modifies WinLogon for persistence
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Drops file in System32 directory