General
Target
11c9544fc6c35f5488579168eb1953cb4d874c744dd97cc05fc0cfa5fa07b855
Size
448KB
Sample
220213-swgkladbfr
MD5
808189ade846e9d5855baed60727ee6e
SHA1
45a356565238d83b726852a4a69fa764a00c62f0
SHA256
11c9544fc6c35f5488579168eb1953cb4d874c744dd97cc05fc0cfa5fa07b855
SHA512
93542e23f5ffdb7bedc98b63595871d4da488d90e19e0e214de204ed11390bb61fddef239ebb51720372317da208a7aeab3d7783f5b426817a0b12993a6df010
Static task
static1
Behavioral task
behavioral1
Sample
11c9544fc6c35f5488579168eb1953cb4d874c744dd97cc05fc0cfa5fa07b855.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
11c9544fc6c35f5488579168eb1953cb4d874c744dd97cc05fc0cfa5fa07b855.exe
Resource
win10v2004-en-20220113
Malware Config
Targets
Target
11c9544fc6c35f5488579168eb1953cb4d874c744dd97cc05fc0cfa5fa07b855
Score 9/10
- Grants admin privileges: Uses net.exe to modify the user's privileges.
- Executes dropped EXE
- Modifies Windows Firewall
- Possible privilege escalation attempt
- Sets DLL path for service in the registry
- Allows Network login with blank passwords: Allows local user accounts with blank passwords to access device from the network.
- Modifies file permissions