General
Target: 896366f46bda56ddc716c9e5ab226d7c0fc770c0edec5282dc574d43661bd32e
Size: 614KB
Sample: 210518-wgkerbes32
MD5: 0a3e1900c0219843058ab6f5787bbb3e
SHA1: 047f6d99a2f87bd35e50f179652ca8e6f9639b43
SHA256: 896366f46bda56ddc716c9e5ab226d7c0fc770c0edec5282dc574d43661bd32e
SHA512: ccce4c85dc16bc725e15d63f85815ea8d5a24844472468233255fbc4a415f9437aa0dc0ce82c50b8313003ba978320ec81c8dee4374909a03831c710f875f4ed
Static task: static1
Behavioral task: behavioral1
Sample: 896366f46bda56ddc716c9e5ab226d7c0fc770c0edec5282dc574d43661bd32e.exe
Resource: win7v20210408
Behavioral task: behavioral2
Sample: 896366f46bda56ddc716c9e5ab226d7c0fc770c0edec5282dc574d43661bd32e.exe
Resource: win10v20210410
Malware Config
Targets
Target: 896366f46bda56ddc716c9e5ab226d7c0fc770c0edec5282dc574d43661bd32e
Score: 10/10
Modifies WinLogon for persistence
Modifies system executable filetype association
Drops file in Drivers directory
Sets service image path in registry
Adds Run key to start application
Enumerates connected drives
    Attempts to read the root path of hard drives other than the default C: drive.
Modifies WinLogon