General
Target
5e62cc31bf498c18f19b57276b21050b4bfcc77ec72deff4a44eea5318018a30
Size
607KB
Sample
210517-h5el3jtqfe
MD5
966806cb7b0d2ae8b570cc370e3ebe47
SHA1
b0a3eb3b116a60ed67be046c52f2419e257a04b8
SHA256
5e62cc31bf498c18f19b57276b21050b4bfcc77ec72deff4a44eea5318018a30
SHA512
ddb906b23c3181a7d174b25414e89d615ff483a8d6e822eadbe8fd90e31ebbfb14eb2cc15632cab4c58b4d051a13ad3b9c53bbb8ce9aa17c6a77bbdfa5dbfa71
Static task
static1
Behavioral task
behavioral1
Sample
5e62cc31bf498c18f19b57276b21050b4bfcc77ec72deff4a44eea5318018a30.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
5e62cc31bf498c18f19b57276b21050b4bfcc77ec72deff4a44eea5318018a30.exe
Resource
win10v20210410
Malware Config
Targets
Target
5e62cc31bf498c18f19b57276b21050b4bfcc77ec72deff4a44eea5318018a30
Score
10/10
Modifies WinLogon for persistence
Modifies system executable filetype association
Drops file in Drivers directory
Sets service image path in registry
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Modifies WinLogon