General
-
Target
af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d
-
Size
468KB
-
Sample
210722-fpz3g4w52n
-
MD5
8632593eb23946bc88b82d9d168999fe
-
SHA1
700bd5356eacb98850579cc9040f6b23766bc6a8
-
SHA256
af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d
-
SHA512
a73b25496628fab12efd653b4c73be2db5ffe3d3e64d5b383b57507ccbb8a1ec0ea7bc10502d789d6c4e4485b1d1eae46b6bcfe29cd6b9e9fc85cd3f8b76577d
Static task
static1
Behavioral task
behavioral1
Sample
af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d.exe
Resource
win10v20210410
Malware Config
Targets
-
-
Target
af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d
-
Size
468KB
-
MD5
8632593eb23946bc88b82d9d168999fe
-
SHA1
700bd5356eacb98850579cc9040f6b23766bc6a8
-
SHA256
af17bb49ac246526e0f8b10a5e666fc9fd2ae432a3e910e888eec68207ef246d
-
SHA512
a73b25496628fab12efd653b4c73be2db5ffe3d3e64d5b383b57507ccbb8a1ec0ea7bc10502d789d6c4e4485b1d1eae46b6bcfe29cd6b9e9fc85cd3f8b76577d
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-