General
Target: 0897572fef20111de3d4afd20dfdad88296c53c760750a22cf8c5808ed15bf4f
Size: 622KB
Sample: 210518-kned4xa132
MD5: cfdd5c08a62d16b8429574cc412c0abf
SHA1: fbf3264dfa63a4639dc74076d1605481172f8bbc
SHA256: 0897572fef20111de3d4afd20dfdad88296c53c760750a22cf8c5808ed15bf4f
SHA512: 3c40d8427a2a0128bb870413be162e00753d216561421a85f34c5e213208f0d5a319ba7445ec6e6b2361e90a0f3179c8c1d698970b307535a908a1adc45f2b27
Static task: static1
Behavioral task: behavioral1
Sample: 0897572fef20111de3d4afd20dfdad88296c53c760750a22cf8c5808ed15bf4f.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 0897572fef20111de3d4afd20dfdad88296c53c760750a22cf8c5808ed15bf4f.exe
Resource: win10v20210408
Malware Config
Targets
Score: 10/10
Modifies WinLogon for persistence
Modifies system executable filetype association
Drops file in Drivers directory
Sets service image path in registry
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Modifies WinLogon