General
-
Target
3c87daeb4beb2d47f92315bfc8dbce10c41f8301f843db80096840a3c5c175c2
-
Size
703KB
-
Sample
220703-hzbhmshhgk
-
MD5
3a099ad6dff8a7b354dcc8258847ef45
-
SHA1
a013d07f619c682b9f1f6f9c2669939039132066
-
SHA256
3c87daeb4beb2d47f92315bfc8dbce10c41f8301f843db80096840a3c5c175c2
-
SHA512
704f36baecfd950116623430a5a3e079779dc4a8cd492f410dd56835f0eadcdac2892e82b5134f94fa6862f87bf028cc930220d256cb0c22e9b83a4c4a8463cf
Static task
static1
Behavioral task
behavioral1
Sample
3c87daeb4beb2d47f92315bfc8dbce10c41f8301f843db80096840a3c5c175c2.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
3c87daeb4beb2d47f92315bfc8dbce10c41f8301f843db80096840a3c5c175c2.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
Target
3c87daeb4beb2d47f92315bfc8dbce10c41f8301f843db80096840a3c5c175c2
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-