General
Target: 63a4fa287d067ff9083c6d2bf5735016
Size: 3.1MB
Sample: 201117-1gqb4pra2s
MD5: c6ebdaa3c37a66c4e19964b77df4c1bb
SHA1: 826e46cec09b7e0748b62fb398d3e955edb3cc9d
SHA256: cbcfad5e750f0e032d59c23e09a993471555360688c4cd59b8ba7b896c2e4b88
SHA512: 63423c6ef2128a3da43a64dbd4669c54c5aca01d32886c51f37b915d64f0a61cd852c5f505d6b1fd6c220ce787e1f091e8038733ee617c36eb3dc2c4dd7f78a9
Static task: static1
Behavioral task: behavioral1
Sample: 63a4fa287d067ff9083c6d2bf5735016.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 63a4fa287d067ff9083c6d2bf5735016.exe
Resource: win10v20201028
Malware Config
Targets
Target: 63a4fa287d067ff9083c6d2bf5735016
Score: 9/10
Grants admin privileges: Uses net.exe to modify the user's privileges.
Modifies RDP port number used by Windows
Possible privilege escalation attempt
Sets DLL path for service in the registry
Loads dropped DLL
Modifies file permissions
Drops file in System32 directory
Modifies service