General
-
Target
1a21976839b8361a4d5b6f52685bf2fdee93f7b5c3299d2080cf42e58a012ba4
-
Size
942KB
-
Sample
220520-dtfg7afcd6
-
MD5
a34fb18d9539dff4137d6ca004de2f46
-
SHA1
073d221a99a5980f18e65b2109dc6cefa8c6361b
-
SHA256
1a21976839b8361a4d5b6f52685bf2fdee93f7b5c3299d2080cf42e58a012ba4
-
SHA512
a6cc912a85c7a679c797bc4b9915b273affed166db526eec21dbae18f947b8c889532b859c35cc7d72b186a1b616fb138e1ae53303538486c196b9620bfc74b3
Malware Config
Targets
-
-
Target
auto kick + tav/AutoClick.exe
-
Size
716KB
-
MD5
dec0a88203e4f73a3682c8a8bbc76d14
-
SHA1
e6178afe89a702a12f3f604cebde0299e7f68c09
-
SHA256
2b869c809ac19759798be63e56ff36567e35b641bbde5f5b6c0e17d4137d6965
-
SHA512
5172b582dc6fd55e9e03eab4755c0fcfc8bd2c29eaa04c612f5ce32a355bbfec73b6ae25b8a8000b99d80c998729d09dc7d627c6d4da38874ce64ac7bb268db3
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Installs/modifies Browser Helper Object
BHOs are DLL modules which act as plugins for Internet Explorer.
-
Drops file in System32 directory
-
-
-
Target
auto kick + tav/auto tab.exe
-
Size
658KB
-
MD5
21ffdf539c05ca2c05172763d3334ebc
-
SHA1
5bec96d4311fd14b21debf26f4127072169cfa4e
-
SHA256
f562be835e7367f8a73271b34b5d4d583237ab2933a4ef3703f6fcdca1b849e1
-
SHA512
73812ddd1d72bb4f4d7adf54ee00589b4b3cac5cff3d5f12657a6eb946165cd8c269074664fc70aeeefb6633f54c1a41c98df5991da580b024ed9e9388063205
Score10/10-
Modifies WinLogon for persistence
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Modifies Installed Components in the registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Adds Run key to start application
-