General
Target: 469ddaeca5d4cbe7a3802db54046ce8e2af14d0d7f0b12758256981da516ea19
Size: 796KB
Sample: 220707-j4bvmsaeb6
MD5: 9fc532f8cfda0910ee411b86611d88d0
SHA1: 604f6b5e9da54e8a0f7a5bc4e38acb46c5f54334
SHA256: 469ddaeca5d4cbe7a3802db54046ce8e2af14d0d7f0b12758256981da516ea19
SHA512: 1ca6b8fa9d8833f89930a94220b57816ef25c2385857caa8cd2f57c30ab4b21648455177f268fd3a9b470bd84ca5c1f104c878a51a63169ede86140a0d6efd58
Static task: static1
Behavioral task: behavioral1
Sample: 469ddaeca5d4cbe7a3802db54046ce8e2af14d0d7f0b12758256981da516ea19.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 469ddaeca5d4cbe7a3802db54046ce8e2af14d0d7f0b12758256981da516ea19.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target
469ddaeca5d4cbe7a3802db54046ce8e2af14d0d7f0b12758256981da516ea19
Score: 10/10
Modifies WinLogon for persistence
Executes dropped EXE
Drops startup file
Loads dropped DLL
Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory