General
Target: 3ba702c5569d6e6b76beb010d9ea0e1d6945135ca8699dacb4492c4be0bfeb6b
Size: 974KB
Sample: 220703-l4z9cagge5
MD5: 9bf90eb205bc0d48aef2ea2cb604d513
SHA1: c50b85efe2530a3d17f11aca4520043f4d5fb643
SHA256: 3ba702c5569d6e6b76beb010d9ea0e1d6945135ca8699dacb4492c4be0bfeb6b
SHA512: 228ccb385a9701ff9e9cbbb08cf36990511e3480488426f70ea8978a6c24bbb9d388a19c1ab552e1f2f4d59e8e534622a6517924e73bb77c892e2a916bb66c2f
Static task: static1
Behavioral task: behavioral1
Sample: 3ba702c5569d6e6b76beb010d9ea0e1d6945135ca8699dacb4492c4be0bfeb6b.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 3ba702c5569d6e6b76beb010d9ea0e1d6945135ca8699dacb4492c4be0bfeb6b.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 3ba702c5569d6e6b76beb010d9ea0e1d6945135ca8699dacb4492c4be0bfeb6b
Score: 10/10
Modifies WinLogon for persistence
Executes dropped EXE
Drops startup file
Loads dropped DLL
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory