General
-
Target
464fa3d9eaece84db9d04221c5a1df5e985f044b51c7b3e3c46d4bb5092edc47
-
Size
959KB
-
Sample
220707-k435kacdf5
-
MD5
a71f3bc44ca191d08cccd3988f606bd2
-
SHA1
c8775ed5539914641b71becf2e58d380b875dd75
-
SHA256
464fa3d9eaece84db9d04221c5a1df5e985f044b51c7b3e3c46d4bb5092edc47
-
SHA512
11d3ad6e6847d039ccee5204161460214b0a88b9cd4e9ef849a1e8d5a96d97e1cc0e09d0213acdfc863925cd90bd08323c118dcaba6fe1a141c00d5aed4c33ef
Static task
static1
Behavioral task
behavioral1
Sample
464fa3d9eaece84db9d04221c5a1df5e985f044b51c7b3e3c46d4bb5092edc47.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
464fa3d9eaece84db9d04221c5a1df5e985f044b51c7b3e3c46d4bb5092edc47.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
464fa3d9eaece84db9d04221c5a1df5e985f044b51c7b3e3c46d4bb5092edc47
-
Size
959KB
-
MD5
a71f3bc44ca191d08cccd3988f606bd2
-
SHA1
c8775ed5539914641b71becf2e58d380b875dd75
-
SHA256
464fa3d9eaece84db9d04221c5a1df5e985f044b51c7b3e3c46d4bb5092edc47
-
SHA512
11d3ad6e6847d039ccee5204161460214b0a88b9cd4e9ef849a1e8d5a96d97e1cc0e09d0213acdfc863925cd90bd08323c118dcaba6fe1a141c00d5aed4c33ef
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-