General
-
Target
896366f46bda56ddc716c9e5ab226d7c0fc770c0edec5282dc574d43661bd32e
-
Size
614KB
-
Sample
210518-wgkerbes32
-
MD5
0a3e1900c0219843058ab6f5787bbb3e
-
SHA1
047f6d99a2f87bd35e50f179652ca8e6f9639b43
-
SHA256
896366f46bda56ddc716c9e5ab226d7c0fc770c0edec5282dc574d43661bd32e
-
SHA512
ccce4c85dc16bc725e15d63f85815ea8d5a24844472468233255fbc4a415f9437aa0dc0ce82c50b8313003ba978320ec81c8dee4374909a03831c710f875f4ed
Malware Config
Targets
-
-
Target
896366f46bda56ddc716c9e5ab226d7c0fc770c0edec5282dc574d43661bd32e
-
Size
614KB
-
MD5
0a3e1900c0219843058ab6f5787bbb3e
-
SHA1
047f6d99a2f87bd35e50f179652ca8e6f9639b43
-
SHA256
896366f46bda56ddc716c9e5ab226d7c0fc770c0edec5282dc574d43661bd32e
-
SHA512
ccce4c85dc16bc725e15d63f85815ea8d5a24844472468233255fbc4a415f9437aa0dc0ce82c50b8313003ba978320ec81c8dee4374909a03831c710f875f4ed
Score10/10-
Modifies WinLogon for persistence
-
Modifies system executable filetype association
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Modifies WinLogon
-