General
-
Target
35d2e8725aac51e28cfe6776485767866e0865b01bcca3d6d62c7ad94a60f277
-
Size
1.3MB
-
Sample
210518-j1c12d94ma
-
MD5
f8e16db49b0a0ded6d642570890aa6bf
-
SHA1
605fb2eb9c118d54eb1159c8b813b13c42cf3cdf
-
SHA256
35d2e8725aac51e28cfe6776485767866e0865b01bcca3d6d62c7ad94a60f277
-
SHA512
7accf722b7caf3acb10b12c25845bf3ea2c73ea5492ea174b311769c64971204f7b291ac228b9d6c877889117efc8fa3036bc4ce7613ea7cf664739971a48889
Malware Config
Targets
-
-
Target
35d2e8725aac51e28cfe6776485767866e0865b01bcca3d6d62c7ad94a60f277
-
Size
1.3MB
-
MD5
f8e16db49b0a0ded6d642570890aa6bf
-
SHA1
605fb2eb9c118d54eb1159c8b813b13c42cf3cdf
-
SHA256
35d2e8725aac51e28cfe6776485767866e0865b01bcca3d6d62c7ad94a60f277
-
SHA512
7accf722b7caf3acb10b12c25845bf3ea2c73ea5492ea174b311769c64971204f7b291ac228b9d6c877889117efc8fa3036bc4ce7613ea7cf664739971a48889
Score10/10-
Modifies WinLogon for persistence
-
Modifies system executable filetype association
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Modifies WinLogon
-