General
-
Target
253480945e2720d5ba404f9bd5bb754aee6ca21877aa040d130eb2cb0f8969c5
-
Size
1006KB
-
Sample
210518-4tgt7g2w6e
-
MD5
b680beae90df0927b7755a371f9d848b
-
SHA1
8816fa0fbf71e67b068e2a2ad0e1989dc19563c6
-
SHA256
253480945e2720d5ba404f9bd5bb754aee6ca21877aa040d130eb2cb0f8969c5
-
SHA512
4ef228c04e89dd8538ae88230f1f13953fc588a58195e340db05e049c21d7d67df1d74cadf06306e76be00aa7517fcabf773279d416d1a8c4dd3c751ccc5dfad
Static task
static1
Behavioral task
behavioral1
Sample
253480945e2720d5ba404f9bd5bb754aee6ca21877aa040d130eb2cb0f8969c5.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
253480945e2720d5ba404f9bd5bb754aee6ca21877aa040d130eb2cb0f8969c5.exe
Resource
win10v20210410
Malware Config
Targets
Target
253480945e2720d5ba404f9bd5bb754aee6ca21877aa040d130eb2cb0f8969c5
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies system executable filetype association
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Loads dropped DLL
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies WinLogon
-
Drops file in System32 directory
-