General
-
Target
435e3bcdea5d8af7ca10960618821e8a3b6c859e925b1a40f0b2b1c914f6fdd1
-
Size
336KB
-
Sample
220707-eyn6kachgl
-
MD5
d30bcb421d9097d79161538b669f18cc
-
SHA1
1bbbb54dfad807e4f5e5b8e8157abf91376a2238
-
SHA256
435e3bcdea5d8af7ca10960618821e8a3b6c859e925b1a40f0b2b1c914f6fdd1
-
SHA512
559eb3f10fd1628ca781bedf984c611546a88674f1afc3e0e08bce0747424bdab8e2d5d31cd680d6c6986c9a4be5ad3ee4ddd0e4f7bf4295ae216e994114bc06
Malware Config
Targets
-
-
Target
435e3bcdea5d8af7ca10960618821e8a3b6c859e925b1a40f0b2b1c914f6fdd1
-
Size
336KB
-
MD5
d30bcb421d9097d79161538b669f18cc
-
SHA1
1bbbb54dfad807e4f5e5b8e8157abf91376a2238
-
SHA256
435e3bcdea5d8af7ca10960618821e8a3b6c859e925b1a40f0b2b1c914f6fdd1
-
SHA512
559eb3f10fd1628ca781bedf984c611546a88674f1afc3e0e08bce0747424bdab8e2d5d31cd680d6c6986c9a4be5ad3ee4ddd0e4f7bf4295ae216e994114bc06
Score10/10-
Modifies WinLogon for persistence
-
Modifies system executable filetype association
-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Disables RegEdit via registry modification
-
Disables use of System Restore points
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-