General
-
Target
cd5495c723f74814f5e6ee3cfe9dc34f23fd82ec45aeea635965a9fd44bb3f6e
-
Size
1013KB
-
Sample
210517-gm7jn5n97s
-
MD5
ff5fa8f63c3692400a14d90571fe276d
-
SHA1
554ef604bf808bf962564562482b63b9e4555042
-
SHA256
cd5495c723f74814f5e6ee3cfe9dc34f23fd82ec45aeea635965a9fd44bb3f6e
-
SHA512
559cbce16f2a2a4acd6c5e79e024c6cd8e6aa5e95a78fb9cfaf5491cbc9ac9f1b91a51cbe1a7912a216471554293673d23054a7796cdddcd60a1781e196fe8dc
Static task
static1
Behavioral task
behavioral1
Sample
cd5495c723f74814f5e6ee3cfe9dc34f23fd82ec45aeea635965a9fd44bb3f6e.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
cd5495c723f74814f5e6ee3cfe9dc34f23fd82ec45aeea635965a9fd44bb3f6e.exe
Resource
win10v20210408
Malware Config
Targets
-
-
Target
cd5495c723f74814f5e6ee3cfe9dc34f23fd82ec45aeea635965a9fd44bb3f6e
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies system executable filetype association
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies WinLogon
-