General
-
Target
668cb262f0e7473c0bd4b254463671acc74502e7e45a450ec5421a217cea3671
-
Size
3.1MB
-
Sample
201112-x9eyx9mbce
-
MD5
7f18a2b5f73d5a3b257506d2a899409f
-
SHA1
07a521fdbd2c61aba059a7b4731658d9ea993d06
-
SHA256
668cb262f0e7473c0bd4b254463671acc74502e7e45a450ec5421a217cea3671
-
SHA512
e3260e9de862aeb3609db9488c0e34aa541f784e668085be8991d09e48a4659805953a8af0cdc4f975c8b55f37cac3f4b33b159ce9cd44f260f4c80ed0f0ea6b
Malware Config
Targets
-
-
Target
668cb262f0e7473c0bd4b254463671acc74502e7e45a450ec5421a217cea3671
-
Size
3.1MB
-
MD5
7f18a2b5f73d5a3b257506d2a899409f
-
SHA1
07a521fdbd2c61aba059a7b4731658d9ea993d06
-
SHA256
668cb262f0e7473c0bd4b254463671acc74502e7e45a450ec5421a217cea3671
-
SHA512
e3260e9de862aeb3609db9488c0e34aa541f784e668085be8991d09e48a4659805953a8af0cdc4f975c8b55f37cac3f4b33b159ce9cd44f260f4c80ed0f0ea6b
Score9/10-
Grants admin privileges
Uses net.exe to modify the user's privileges.
-
Modifies RDP port number used by Windows
-
Possible privilege escalation attempt
-
Sets DLL path for service in the registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Modifies file permissions
-
Drops file in System32 directory
-
Modifies service
-