General
-
Target
SecuriteInfo.com.Trojan.TaskDisabler.k5Y@aaTO94BT.2611.9681
-
Size
1.2MB
-
Sample
201126-ppqgsnpzla
-
MD5
94e0fdb02e15e6aa0cbb0d0241a79c8d
-
SHA1
fb2eae92ce3a5c8b558668db9ef5560451d6528d
-
SHA256
1e43c91ddfe9fab0e41657d423fe3c4fb87aad1993e5fb3f173bb36a268273f7
-
SHA512
341b1de271b3e861b4c9deb2a1d2a6a017e1ae0ca1700283f990385156ea9e3928d0a3a19f54ee97e0bb9a2765b8c670660c0a13695a520f2b79bfdc3eb953cd
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Trojan.TaskDisabler.k5Y@aaTO94BT.2611.9681.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Trojan.TaskDisabler.k5Y@aaTO94BT.2611.9681.exe
Resource
win10v20201028
Malware Config
Targets
Target
SecuriteInfo.com.Trojan.TaskDisabler.k5Y@aaTO94BT.2611.9681
Score
10/10
-
Modifies WinLogon for persistence
-
Disables Task Manager via registry modification
-
Modifies WinLogon to allow AutoLogon
Enables rebooting of the machine without requiring login credentials.
-