General
-
Target
8a186ab95b6171884da48fa49c4c9e614e93b65d5c048e8a223f38c25e464f72
-
Size
1.0MB
-
Sample
210518-xsnjqvmxrj
-
MD5
cf3d8c9acd375277886349734426a119
-
SHA1
1ee1f6c4a3a608f3e7204485521dd7ff5584bdee
-
SHA256
8a186ab95b6171884da48fa49c4c9e614e93b65d5c048e8a223f38c25e464f72
-
SHA512
802568730f81502b1f644a22eb80b1e3f4f1c6002dfcc4e4faae2a08e69c212dd512a6a73aafab52c8f8df13a9ac4b6fe92f656991d0ddbc7ce98a106bccb106
Static task
static1
Behavioral task
behavioral1
Sample
8a186ab95b6171884da48fa49c4c9e614e93b65d5c048e8a223f38c25e464f72.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
8a186ab95b6171884da48fa49c4c9e614e93b65d5c048e8a223f38c25e464f72.exe
Resource
win10v20210410
Malware Config
Targets
-
-
Target
8a186ab95b6171884da48fa49c4c9e614e93b65d5c048e8a223f38c25e464f72
Score
10/10
-
Modifies WinLogon for persistence
-
Modifies system executable filetype association
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Modifies WinLogon
-