General
Target: 25030c2357ace3a1713e4698aa6e139e888d880b57e5772d39447a42ac301591
Size: 3.8MB
Sample: 201113-9f174vc4ea
MD5: ddf329f7573b2a7dcdf11e8734a44850
SHA1: cbf1ea887d769a1f094b197c000dda8426d3f7f6
SHA256: 25030c2357ace3a1713e4698aa6e139e888d880b57e5772d39447a42ac301591
SHA512: f5301d9f2ee4a7d31f712ef1cc433f72bcd01033872d1e29dfbdcc6fc10d873b3c36c8630989b944cc45cd39829b10697f23db0cb0aceeda12932b5889d639f8
Static task: static1
Behavioral task: behavioral1
Sample: 25030c2357ace3a1713e4698aa6e139e888d880b57e5772d39447a42ac301591.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 25030c2357ace3a1713e4698aa6e139e888d880b57e5772d39447a42ac301591.exe
Resource: win10v20201028
Malware Config
Targets
Target: 25030c2357ace3a1713e4698aa6e139e888d880b57e5772d39447a42ac301591
Score: 9/10
Grants admin privileges
Uses net.exe to modify the user's privileges.
Modifies RDP port number used by Windows
Possible privilege escalation attempt
Sets DLL path for service in the registry
Deletes itself
Modifies file permissions
Drops file in System32 directory
Modifies service