General
-
Target
54e25f490523f83e9af9b60ab197a3a7
-
Size
3.8MB
-
Sample
201117-58cegh4vns
-
MD5
bce8cb9bda23c61ab301c43cd4cef7f9
-
SHA1
2c644f40d3fbc980454b0ab02dceb94284dc522b
-
SHA256
75099eecbdcbaedf899ebc906fc9840d2c8c36c4e20022e8eaccf0bec6f24155
-
SHA512
8c40707aa6d790982f1e736fe0656c3e50ad09f5165eb75213d4b8452d3df609305180fbf0ae1f2b0808135c08ea200962e932945a11b3e8bd2479c2781784e5
Static task
static1
Behavioral task
behavioral1
Sample
54e25f490523f83e9af9b60ab197a3a7.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
54e25f490523f83e9af9b60ab197a3a7.exe
Resource
win10v20201028
Malware Config
Targets
Target
54e25f490523f83e9af9b60ab197a3a7
Score
9/10
-
Grants admin privileges
Uses net.exe to modify the user's privileges.
-
Modifies RDP port number used by Windows
-
Possible privilege escalation attempt
-
Sets DLL path for service in the registry
-
Deletes itself
-
Modifies file permissions
-
Drops file in System32 directory
-
Modifies service
-