General
-
Target
e7c277aae66085f1e0c4789fe51cac50e3ea86d79c8a242ffc066ed0b0548037.bin
-
Size
532KB
-
Sample
201121-3vsypzcqyx
-
MD5
76f547c793b5478b970c64caf04d01d4
-
SHA1
f9eb40f6d3d4c83852e3781886db762bef8564e0
-
SHA256
e7c277aae66085f1e0c4789fe51cac50e3ea86d79c8a242ffc066ed0b0548037
-
SHA512
91e91a8b693cb253f281411260611a221a113b342eaa642a9d6597aaf86c138ee2aa28ade10218a814ae34016e6d70824e36786497476ab704defddf60e33e17
Static task
static1
Behavioral task
behavioral1
Sample
e7c277aae66085f1e0c4789fe51cac50e3ea86d79c8a242ffc066ed0b0548037.bin.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
e7c277aae66085f1e0c4789fe51cac50e3ea86d79c8a242ffc066ed0b0548037.bin
-
Size
532KB
-
MD5
76f547c793b5478b970c64caf04d01d4
-
SHA1
f9eb40f6d3d4c83852e3781886db762bef8564e0
-
SHA256
e7c277aae66085f1e0c4789fe51cac50e3ea86d79c8a242ffc066ed0b0548037
-
SHA512
91e91a8b693cb253f281411260611a221a113b342eaa642a9d6597aaf86c138ee2aa28ade10218a814ae34016e6d70824e36786497476ab704defddf60e33e17
Score10/10-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Modifies WinLogon to allow AutoLogon
Enables rebooting of the machine without requiring login credentials.
-