General
-
Target
7250b98d209c6d63648e26da5d9c36aa5a4939cc1354de2c98b3f5fd5e1e83c7
-
Size
926KB
-
Sample
210517-x1xa6sgfd6
-
MD5
e621669827577237625d7ecee251ca00
-
SHA1
ec21e5b15b43cf9e0f0302f618624b1e768c6b59
-
SHA256
7250b98d209c6d63648e26da5d9c36aa5a4939cc1354de2c98b3f5fd5e1e83c7
-
SHA512
55334b7f606b7882aabe754c72ebabbef0a1c673cde9fb0d6578234d90677ed8762ba4f79e9143c36f339d7e2649fc365c76b80fb71d5f590f5f7f90f9294ce4
Malware Config
Targets
-
-
Target
7250b98d209c6d63648e26da5d9c36aa5a4939cc1354de2c98b3f5fd5e1e83c7
-
Size
926KB
-
MD5
e621669827577237625d7ecee251ca00
-
SHA1
ec21e5b15b43cf9e0f0302f618624b1e768c6b59
-
SHA256
7250b98d209c6d63648e26da5d9c36aa5a4939cc1354de2c98b3f5fd5e1e83c7
-
SHA512
55334b7f606b7882aabe754c72ebabbef0a1c673cde9fb0d6578234d90677ed8762ba4f79e9143c36f339d7e2649fc365c76b80fb71d5f590f5f7f90f9294ce4
Score10/10-
Modifies WinLogon for persistence
-
Modifies system executable filetype association
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Modifies WinLogon
-