General
Target: 497cac9eb3d55808e304d0e60f6c94b0edf20a6116ef7aa4c294f00b51eefe9c
Size: 628KB
Sample: 210518-jypbyved76
MD5: 948e1bf21e1ae1faf4130300ca9102d2
SHA1: 06939a83e3dfb6eb81f37f1320aaa5ca8957a3a9
SHA256: 497cac9eb3d55808e304d0e60f6c94b0edf20a6116ef7aa4c294f00b51eefe9c
SHA512: 9eeff11cc0d0dda2d6eba44935ad00db76e04627fe973251dbf5b6b8e7888b3d904ecd88619cfad819e1fdb70610946dffdd9ef9fc6026be9eeb7efbfb7d5829
Static task: static1
Behavioral task: behavioral1
  Sample: 497cac9eb3d55808e304d0e60f6c94b0edf20a6116ef7aa4c294f00b51eefe9c.exe
  Resource: win7v20210410
Behavioral task: behavioral2
  Sample: 497cac9eb3d55808e304d0e60f6c94b0edf20a6116ef7aa4c294f00b51eefe9c.exe
  Resource: win10v20210410
Malware Config
Targets
Target: 497cac9eb3d55808e304d0e60f6c94b0edf20a6116ef7aa4c294f00b51eefe9c
Score: 10/10
Modifies WinLogon for persistence
Modifies system executable filetype association
Drops file in Drivers directory
Sets service image path in registry
Adds Run key to start application
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Modifies WinLogon