General
-
Target
4a6a29e358327ac53ec209cfa4e32d73286413bdeaa2da4c80b8109b7906de5c
-
Size
4.6MB
-
Sample
211202-pvqkbsbdg3
-
MD5
7faddf1721f8f471bcbbd735e4032e1a
-
SHA1
9e1aadf3e0cd2642365599236e2dd9eaf1ab9aa9
-
SHA256
4a6a29e358327ac53ec209cfa4e32d73286413bdeaa2da4c80b8109b7906de5c
-
SHA512
cf55867f2995be8ae4c6083bd9d1972630f4ab2435f65918ca9510d356c64a3b043fdc90d0ccc4c03c0144bcbd70c8bf01ede271c9b0663bd2ae9f8c0e7ccc53
Static task
static1
Behavioral task
behavioral1
Sample
4a6a29e358327ac53ec209cfa4e32d73286413bdeaa2da4c80b8109b7906de5c.exe
Resource
win10-en-20211104
Malware Config
Extracted
https://raw.githubusercontent.com/sqlitey/sqlite/master/speed.ps1
Targets
-
-
Target
4a6a29e358327ac53ec209cfa4e32d73286413bdeaa2da4c80b8109b7906de5c
-
Score
10/10
-
Grants admin privileges
Uses net.exe to modify the user's privileges.
-
Blocklisted process makes network request
-
Modifies RDP port number used by Windows
-
Sets DLL path for service in the registry
-
Loads dropped DLL
-