General
Target: 37402cd4871d5beb1ed19079029426bc1330ec6b6e81cc5d6dce66bc0f6b0aac
Size: 1.3MB
Sample: 220705-yzr4dscfap
MD5: 4c6aa8c110669a6662c06c7d6b38ba35
SHA1: 4dd07af4c8402364e079ee09c1b067a88ffbb799
SHA256: 37402cd4871d5beb1ed19079029426bc1330ec6b6e81cc5d6dce66bc0f6b0aac
SHA512: a5c33bc0c55cd1429898f42b12ed4b10e21652129c445ac021533f0bcd653dc90c1686d7a71b2a70edd971f7826d5ea0e74fd7f5affb287518c17a4a8bae458e
Static task: static1
Behavioral task: behavioral1
Sample: 37402cd4871d5beb1ed19079029426bc1330ec6b6e81cc5d6dce66bc0f6b0aac.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 37402cd4871d5beb1ed19079029426bc1330ec6b6e81cc5d6dce66bc0f6b0aac.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 37402cd4871d5beb1ed19079029426bc1330ec6b6e81cc5d6dce66bc0f6b0aac
Score: 10/10
Modifies WinLogon for persistence
suricata: ET MALWARE DNS Reply Sinkhole Microsoft NO-IP Domain
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory