General
Target
0a920948469b8516c20146d57e0b62b468c999ff42044e9d55a4e0ead79cd2c4
Size
910KB
Sample
210518-wj6kbj6396
MD5
77a030e428b9e5d918a96e1ec1eb5b57
SHA1
79c33739f23f56cf5033c529f8c3c9bc121598f8
SHA256
0a920948469b8516c20146d57e0b62b468c999ff42044e9d55a4e0ead79cd2c4
SHA512
6839e33aca3d72e6acb942ec6861480ee5397c61fd72ff802e98a8e9ffb132cb4ae9fb1e7f54f95cfa34c9bbd6f4ebaf999c13ae8b5a74fcccf42d0931b45e2a
Static task
static1
Behavioral task
behavioral1
Sample
0a920948469b8516c20146d57e0b62b468c999ff42044e9d55a4e0ead79cd2c4.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
0a920948469b8516c20146d57e0b62b468c999ff42044e9d55a4e0ead79cd2c4.exe
Resource
win10v20210408
Malware Config
Targets
Target
0a920948469b8516c20146d57e0b62b468c999ff42044e9d55a4e0ead79cd2c4
Score
10/10
Modifies WinLogon for persistence
Modifies system executable filetype association
Drops file in Drivers directory
Sets service image path in registry
Adds Run key to start application
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
Modifies WinLogon