General
-
Target
2f4e1635621b1535d4157c9d6bc98cc7a343878d430cc61def7397e270e8fab2
-
Size
283KB
-
Sample
201113-77nv6rvc72
-
MD5
3e2ee0a9428aa04ca0bab47fc1304cad
-
SHA1
776234c1122d01ff366c089e2dbcc074f366fd6d
-
SHA256
2f4e1635621b1535d4157c9d6bc98cc7a343878d430cc61def7397e270e8fab2
-
SHA512
ee1f4d4f25ba2e226f5d0e09706b77a2cb2559bffdc27262a04a3561ebff39cb2214f158c7fce22907b4596039cc7fc3dc67fa69e6b76f17141ac0a0b88560a9
Static task
static1
Behavioral task
behavioral1
Sample
2f4e1635621b1535d4157c9d6bc98cc7a343878d430cc61def7397e270e8fab2.exe
Resource
win7v20201028
Malware Config
Targets
-
-
Target
2f4e1635621b1535d4157c9d6bc98cc7a343878d430cc61def7397e270e8fab2
-
Modifies WinLogon for persistence
-
Modifies firewall policy service
-
Modifies security service
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-