General
-
Target
b257911d5debbeced8ec162a06760ce49819001a02b5f508d4305f8ef9701df2
-
Size
424KB
-
Sample
220213-na59lshbg6
-
MD5
afeac971ffe5bab0bf3da53291b523fe
-
SHA1
f1686e5d05dfb82662cea2907b2e9685d6641755
-
SHA256
b257911d5debbeced8ec162a06760ce49819001a02b5f508d4305f8ef9701df2
-
SHA512
a065544135927cd13c547faf19e0135e7ad3f84b503f99ae4f82628643aadca6eabfa3ab7025bbc9f1efce854b6114db71d63cac8ff20b789d3385f238d1cd04
Static task
static1
Behavioral task
behavioral1
Sample
b257911d5debbeced8ec162a06760ce49819001a02b5f508d4305f8ef9701df2.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
b257911d5debbeced8ec162a06760ce49819001a02b5f508d4305f8ef9701df2.exe
Resource
win10v2004-en-20220112
Malware Config
Targets
-
Target
b257911d5debbeced8ec162a06760ce49819001a02b5f508d4305f8ef9701df2
Score
8/10
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Possible privilege escalation attempt
-
Sets DLL path for service in the registry
-
Allows Network login with blank passwords
Allows local user accounts with blank passwords to access device from the network.
-
Modifies file permissions
-