General
-
Target
0494a9fb7d3360da05ce76def600f533d818465fd625ff765cd15cc65a9b2c07
-
Size
2.7MB
-
Sample
201111-z89kwwwvvx
-
MD5
006252b08e8a073c31d43cc03e1df107
-
SHA1
12378cadbb8642ab9178c1bf87499f244738140b
-
SHA256
0494a9fb7d3360da05ce76def600f533d818465fd625ff765cd15cc65a9b2c07
-
SHA512
77b6b77e135be5266aca463edee263b3abfcdfe76893219ed769bbf128952c9109027d6ddaf1d46f1148850210a0aa8283f81aedb78a9c899ae140a1589f9103
Static task
static1
Behavioral task
behavioral1
Sample
0494a9fb7d3360da05ce76def600f533d818465fd625ff765cd15cc65a9b2c07.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
0494a9fb7d3360da05ce76def600f533d818465fd625ff765cd15cc65a9b2c07.exe
Resource
win10v20201028
Malware Config
Targets
Target
0494a9fb7d3360da05ce76def600f533d818465fd625ff765cd15cc65a9b2c07
-
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-