General
Target
e28a0b40_extracted
Size
71KB
Sample
210304-7ecl4q38ae
MD5
db2da08dff1c398dc9690419cbe36673
SHA1
a45d06df8f11bdb3ab10ec44ed4c9040fe154afe
SHA256
9a463e6f526a181780da19ab9f569e1b1c131288c2d1ab18b3c18a656f9bf06d
SHA512
5774296dd59362d6fc515aa58a1d05c5d232c8a0f3a08c34439947dc85080b9b7f697ca39f9439d5890a38d9cf385d13443b2ebdc7f6adbbacc2ed4d01bb0ea6
Static task
static1
Behavioral task
behavioral1
Sample
e28a0b40_extracted.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
e28a0b40_extracted.exe
Resource
win10v20201028
Malware Config
Targets
Target
e28a0b40_extracted
Score
8/10
Modifies WinLogon to allow AutoLogon
Enables rebooting of the machine without requiring login credentials.
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.