General
Target
8a4dbc201541d2173da41d67fea5fa92e2efbc22e2f41303a4550db13bf66c1e
Size
303KB
Sample
210517-55hvq3lfte
MD5
efe50c9d27ab0e34b6ce2563abb8b33b
SHA1
073c4b1237d24ca46abe3b8a44844ee5f127762b
SHA256
8a4dbc201541d2173da41d67fea5fa92e2efbc22e2f41303a4550db13bf66c1e
SHA512
0571ec6e821923fc4133d5ddf846797e90db0569cef9b6965f7652cb16f9538167ca20ac16acee15c148a89190daa869cf4357cabb3276e636a22ec03f152a9b
Static task
static1
Behavioral task
behavioral1
Sample
8a4dbc201541d2173da41d67fea5fa92e2efbc22e2f41303a4550db13bf66c1e.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
8a4dbc201541d2173da41d67fea5fa92e2efbc22e2f41303a4550db13bf66c1e.exe
Resource
win10v20210408
Malware Config
Targets
Target
8a4dbc201541d2173da41d67fea5fa92e2efbc22e2f41303a4550db13bf66c1e
Score 10/10
Modifies WinLogon for persistence
Modifies system executable filetype association
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
Drops file in Drivers directory
Sets service image path in registry
Loads dropped DLL
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Modifies WinLogon
Drops file in System32 directory