General
Target
digital.-.online C∩RWROI┐A∩┐┐┐┐M╜∩╜┐╜X╜╜A╜S┐OYW╜┐N∩YMA┐T∩╜Z∩A∩╜CHZA.msi
Size
268KB
Sample
210308-1pvvnxtfjx
MD5
3cdb1d26ef24c423f83ba602129b5b35
SHA1
ddc88f08d80382e733c4d9197ae08f795e0601f9
SHA256
f364525bd719aefacb0453cb9eb8814d8c67b87ce0928aed13196936115f9280
SHA512
b935ab83d77163d5915e8c94cd2a7fe97c89f4730a7ac77724aa7f4bec16546e57d66b4c2ffa3cb014708a26b3545a226da041f837777fddaac0d22adba20267
Behavioral task
behavioral1
Sample
digital.-.online C∩RWROI┐A∩┐┐┐┐M╜∩╜┐╜X╜╜A╜S┐OYW╜┐N∩YMA┐T∩╜Z∩A∩╜CHZA.msi
Resource
win7v20201028
Behavioral task
behavioral2
Sample
digital.-.online C∩RWROI┐A∩┐┐┐┐M╜∩╜┐╜X╜╜A╜S┐OYW╜┐N∩YMA┐T∩╜Z∩A∩╜CHZA.msi
Resource
win10v20201028
Malware Config
Targets
Target
digital.-.online C∩RWROI┐A∩┐┐┐┐M╜∩╜┐╜X╜╜A╜S┐OYW╜┐N∩YMA┐T∩╜Z∩A∩╜CHZA.msi
Score 8/10
- Blocklisted process makes network request
- Modifies WinLogon to allow AutoLogon: Enables rebooting of the machine without requiring login credentials.
- Loads dropped DLL
- Adds Run key to start application
- Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.