General
-
Target
1a4c27e6b95c50e2e16b6a084844e17ab0ae7c8ec8d6894eca73d814af6a8964
-
Size
517KB
-
Sample
210517-n3frhypd5s
-
MD5
30f6be4f83317da5c73cccfd277e7dfa
-
SHA1
f42abf23107f541e5b3ab8414d16c1a42051fa77
-
SHA256
1a4c27e6b95c50e2e16b6a084844e17ab0ae7c8ec8d6894eca73d814af6a8964
-
SHA512
755f113061dd4d7fae0e0ac05a779e622073edb316ebc960bb590e48de23debaee566b19ad658104c23fa7b9af1df57c26556c5c3ccde8357e288220174a6300
Static task
static1
Behavioral task
behavioral1
Sample
1a4c27e6b95c50e2e16b6a084844e17ab0ae7c8ec8d6894eca73d814af6a8964.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
1a4c27e6b95c50e2e16b6a084844e17ab0ae7c8ec8d6894eca73d814af6a8964.exe
Resource
win10v20210408
Malware Config
Targets
Target
1a4c27e6b95c50e2e16b6a084844e17ab0ae7c8ec8d6894eca73d814af6a8964
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies system executable filetype association
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies WinLogon
-