General
-
Target
16015c33b2b39392a2776d1c0e5917d0051483ab0e473679447798e0fc5e65b0.bin.sample.gz
-
Size
2.0MB
-
Sample
201205-h9f9hqyqpa
-
MD5
09934f9203e13419a6ddc44c64ed73a3
-
SHA1
7912922e519e3baaf40e2df609db2c08902587dc
-
SHA256
73509194fbb3ff4cd6113e17668c6f9ad5a8ec1a12d3fc24e024924e5d87aa58
-
SHA512
ea120c1802ed31867ce6f91c5031855f258d57972bfedf9134444b30d56427a433fd96a2f8392704ec1b95731846c6e90ca6f87ebfc2c2a7800ea1bd6d4c8f83
Static task
static1
Behavioral task
behavioral1
Sample
sample.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
sample.exe
Resource
win10v20201028
Malware Config
Targets
-
-
Target
sample
-
Size
5.1MB
-
MD5
3a92b81cf885e960e1449ef9afaa0534
-
SHA1
4a44220eef6874036c0413be132bb5a21d71d2ff
-
SHA256
16015c33b2b39392a2776d1c0e5917d0051483ab0e473679447798e0fc5e65b0
-
SHA512
97d32f84b56e872109ca21b7a1b183c33a3f721878962819247b74bbef400bde9638dfc006905f2cfc2c8903d0974f9783c7cc8693e189a46af00bcecf8bb7e1
Score
8/10
-
Modifies WinLogon to allow AutoLogon
Enables rebooting of the machine without requiring login credentials.
-
Modifies extensions of user files
Ransomware generally changes the extension on encrypted files.
-
Reads user/profile data of web browsers
Infostealers often target stored browser data, which can include saved credentials etc.
-