General
Target: 5114482268602368.zip
Size: 20KB
Sample: 201224-ekllnx8cnx
MD5: 93ad19058937ff7b2b9592bec94cc95f
SHA1: 2b1b66e1f9851b639c5db0986c140ce640286616
SHA256: 3ee7764c37b39d35584e6a0bf781e788e7529353bd5d40f5de952800805051b3
SHA512: 8e6b842735ca92ea8c57deb6ef00800277df17e1d2befe4bb717ab632820c5d6978b26a772fd9640cdf65c102d53065d135e2b4eef9f1651baf91831393b21af
Static task: static1
Behavioral task: behavioral1
Sample: ec07652e3f04caad91b4438c8cb31d52c840106d3da2033f27e5ef16d7f6cc55.exe
Resource: win7v20201028
Malware Config
Targets
Target: ec07652e3f04caad91b4438c8cb31d52c840106d3da2033f27e5ef16d7f6cc55
Size: 135KB
MD5: 4777ca8e3e3ded9a9598c942043a3b30
SHA1: 955de87f9bd9382141b9ffbf9c3e84731cc5d132
SHA256: ec07652e3f04caad91b4438c8cb31d52c840106d3da2033f27e5ef16d7f6cc55
SHA512: c271a58918de797e11a9b6f5e97a7cfcfc1fd8913236c8f864ea96fb229321f59b3f8119a0803ecb0394d6709c434475f63a5cc4dbfba79d24d4efad2881ccfd
- Modifies WinLogon for persistence
- Disables RegEdit via registry modification
- Disables Task Manager via registry modification
- Possible privilege escalation attempt
- Modifies file permissions
- Drops desktop.ini file(s)
- Drops file in System32 directory