General

Target: ae01c62137ea4f3542164c63b3e531ca2f89586a6d4e765467512aec2d6a845a
Size: 589KB
Sample: 220701-hmrzvsgfck
MD5: 583436b54a4a3c474f74ce9124d275a8
SHA1: dc95c40301eff5e138b0db2744d4023e789d4ca3
SHA256: ae01c62137ea4f3542164c63b3e531ca2f89586a6d4e765467512aec2d6a845a
SHA512: ad10c4d67c0edf1170b2455fd20e90d6a6e8dbedad785da04fc2f766c97fbed08a1b4af9a5e97cfa050182cc73d1ddc15ddaa21d371cd2031c38006ea016b09c

Static task: static1

Behavioral task: behavioral1
Sample: ae01c62137ea4f3542164c63b3e531ca2f89586a6d4e765467512aec2d6a845a.exe
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: ae01c62137ea4f3542164c63b3e531ca2f89586a6d4e765467512aec2d6a845a.exe
Resource: win10v2004-20220414-en

Malware Config
Targets

Target: ae01c62137ea4f3542164c63b3e531ca2f89586a6d4e765467512aec2d6a845a
Score: 10/10

- Modifies WinLogon for persistence
- Executes dropped EXE
- Drops startup file
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory