General
Target: 3dc283bdd9b5d5e1bfef702b34a42f11c1c6beb03d61439604c0e98370013901
Size: 232KB
Sample: 201113-bgmc1nh6l6
MD5: bd83e861279139ed63a2ba3a7f9b6532
SHA1: 7bbcd96d97292409e5c8b34c8f2925a050ae2e40
SHA256: 3dc283bdd9b5d5e1bfef702b34a42f11c1c6beb03d61439604c0e98370013901
SHA512: b8db2ebded1ea9ce62518bfa5588c7ac95eb7efa6670ab101650e10db339c2a70d9a8a8cb14948c2ab38250468f793b6fd21a888665d87d804182c347c474c58
Static task: static1
Behavioral task: behavioral1
Sample: 3dc283bdd9b5d5e1bfef702b34a42f11c1c6beb03d61439604c0e98370013901.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 3dc283bdd9b5d5e1bfef702b34a42f11c1c6beb03d61439604c0e98370013901.exe
Resource: win10v20201028
Malware Config
Targets
Target: 3dc283bdd9b5d5e1bfef702b34a42f11c1c6beb03d61439604c0e98370013901
Score: 10/10
Modifies WinLogon for persistence
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application