General
Target: 16c4b355591778f45e9ecf77778b48ea71460292bc00a83503faeb3778c8063f
Size: 1.0MB
Sample: 210518-pkzejs4kre
MD5: a1f3a22bcbb0f8e7521a0c0a9e256a27
SHA1: 65d5848cb5ce13d3c596a250f3c4a9288f952472
SHA256: 16c4b355591778f45e9ecf77778b48ea71460292bc00a83503faeb3778c8063f
SHA512: c1eab09be877e52c7c61e11a517bc5be51cb27fa33c2238a8e36caf48cf6868dcfddc8777508128462cb04fbc867e47cd949d76fd85e5c4d573e9c40433f2a2f
Static task: static1
Behavioral task: behavioral1
Sample: 16c4b355591778f45e9ecf77778b48ea71460292bc00a83503faeb3778c8063f.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 16c4b355591778f45e9ecf77778b48ea71460292bc00a83503faeb3778c8063f.exe
Resource: win10v20210410
Malware Config
Targets
Target: 16c4b355591778f45e9ecf77778b48ea71460292bc00a83503faeb3778c8063f
Score: 10/10
Modifies WinLogon for persistence
Modifies system executable filetype association
Drops file in Drivers directory
Sets service image path in registry
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Modifies WinLogon