General
-
Target
0e492616a3afad285cafd0745cfc2cdfaee5bc9becc9c184e32379a659b9469c
-
Size
612KB
-
Sample
210517-b86v89emzn
-
MD5
e5de95f35c7f080c7dc366fccbf382d5
-
SHA1
3cf2fbaaec2b4fe4dc9401df5c1537aa13e7049b
-
SHA256
0e492616a3afad285cafd0745cfc2cdfaee5bc9becc9c184e32379a659b9469c
-
SHA512
a744c10de003bce5af66c0fea05a6b64bc8bf7f3e319de709c5ab338f61f3399188538c8da2519dfe41091f54bb8252ee173d7c1b2c7f79c793a8d236424b5af
Malware Config
Targets
-
-
Target
0e492616a3afad285cafd0745cfc2cdfaee5bc9becc9c184e32379a659b9469c
-
Size
612KB
-
MD5
e5de95f35c7f080c7dc366fccbf382d5
-
SHA1
3cf2fbaaec2b4fe4dc9401df5c1537aa13e7049b
-
SHA256
0e492616a3afad285cafd0745cfc2cdfaee5bc9becc9c184e32379a659b9469c
-
SHA512
a744c10de003bce5af66c0fea05a6b64bc8bf7f3e319de709c5ab338f61f3399188538c8da2519dfe41091f54bb8252ee173d7c1b2c7f79c793a8d236424b5af
Score10/10-
Modifies WinLogon for persistence
-
Modifies system executable filetype association
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Modifies WinLogon
-