General
-
Target
52ec2bb551c23ecd0aad847e5fbe3e0370b0f7684e7c8b00807ac497b370e732
-
Size
2.7MB
-
Sample
210817-ky93l67kaa
-
MD5
ce01abae632039492328b5d9920a572c
-
SHA1
62709acf15da719ee84d692834176de59ab32c9e
-
SHA256
52ec2bb551c23ecd0aad847e5fbe3e0370b0f7684e7c8b00807ac497b370e732
-
SHA512
afdcfe14ce9396f77c238c93090c1e03dfc74959b0b1229e2410ed119c68bbd4196efd3d8a291a1e45325caf9a17001a5122ead1538bb1766b9cac57c18703b0
Static task
static1
Behavioral task
behavioral1
Sample
52ec2bb551c23ecd0aad847e5fbe3e0370b0f7684e7c8b00807ac497b370e732.exe
Resource
win10v20210410
Malware Config
Targets
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Drops startup file
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-