General
Target: bfa21515e932d430a1c7415d5f6554a499075f2f40f913de56d918eff6693057
Size: 284KB
Sample: 210515-em1jrt8hme
MD5: 90a641405523f561b9dbf3c27304d22f
SHA1: b72390e962498c5256ee22f1392d73f47d198829
SHA256: bfa21515e932d430a1c7415d5f6554a499075f2f40f913de56d918eff6693057
SHA512: f799f4438ddefe3d48f815d53935d24e81bfa56a0c130236b8387de68dcd07344d227461ad64a3a0ac7dd28917bfc7795755e88231bbc996b61bd4a9a36ab8a7
Static task: static1
Behavioral task: behavioral1
Sample: bfa21515e932d430a1c7415d5f6554a499075f2f40f913de56d918eff6693057.exe
Resource: win7v20210410
Malware Config
Targets
Target: bfa21515e932d430a1c7415d5f6554a499075f2f40f913de56d918eff6693057
- Modifies WinLogon for persistence
- Modifies firewall policy service
- Disables RegEdit via registry modification
- Disables Task Manager via registry modification
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application