General
-
Target
53a1903b820e5a314134d8e60d79371abcb37a15fb3717f32ef6dc2b12528eb5
-
Size
1.4MB
-
Sample
210302-1j543yhks2
-
MD5
953c55f32c011724ade4d2ea325b2c29
-
SHA1
683b73cd4ff4e286a40ee3b7eb66f1f148c0c526
-
SHA256
53a1903b820e5a314134d8e60d79371abcb37a15fb3717f32ef6dc2b12528eb5
-
SHA512
ff77359b1da48a349f8c1927d32040a6d18deea120014714480119e7c0848febcceb6f01f487d374bf9054f46fa7addc37e56c1ca3b26129e67761a85ab6c144
Static task
static1
Behavioral task
behavioral1
Sample
53a1903b820e5a314134d8e60d79371abcb37a15fb3717f32ef6dc2b12528eb5.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
53a1903b820e5a314134d8e60d79371abcb37a15fb3717f32ef6dc2b12528eb5.exe
Resource
win10v20201028
Malware Config
Targets
Target
53a1903b820e5a314134d8e60d79371abcb37a15fb3717f32ef6dc2b12528eb5
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-