General
Target
0f1c3e28c8d337cd557139517d3348a1f83829239af2382fde40a61dee4cc723
Size
149KB
Sample
210518-9pt9aks8kj
MD5
1a6e080c0ebe619570b8426f11c1f37d
SHA1
685f1e7b1778eb06217036fa6a233f96cc5a05b7
SHA256
0f1c3e28c8d337cd557139517d3348a1f83829239af2382fde40a61dee4cc723
SHA512
5abfa75a95e0b6f864c5a74b130891f31b8eebab4eaf0befc75ea42d5466a61fa14dff3b2912298c58192a4fe9dd2f464a8962d3a8464d54a2c3cff2d5210cf3
Static task
static1
Behavioral task
behavioral1
Sample
0f1c3e28c8d337cd557139517d3348a1f83829239af2382fde40a61dee4cc723.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
0f1c3e28c8d337cd557139517d3348a1f83829239af2382fde40a61dee4cc723.exe
Resource
win10v20210408
Malware Config
Targets
Target
0f1c3e28c8d337cd557139517d3348a1f83829239af2382fde40a61dee4cc723
Score
10/10
Modifies WinLogon for persistence
Modifies system executable filetype association
Drops file in Drivers directory
Sets service image path in registry
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Modifies WinLogon