General
-
Target
460336aee2aa21b6e80052989b8b9ad479018516aab907909f0330c2e314f677
-
Size
502KB
-
Sample
220707-l571kscchn
-
MD5
8f9f888f71d415106cf8a5dc8d90f9c7
-
SHA1
440ee6c77159b256787b7c84f78fa3feaf85c010
-
SHA256
460336aee2aa21b6e80052989b8b9ad479018516aab907909f0330c2e314f677
-
SHA512
f933ba1a1151e2eb9e8048196b3419f4bb7fde675459dd978ddcffafb9a84f6f6cd4be3c9dbc91582a6e7093e4d506390f4fa90b65846f49b9d7e2ddf2ea6f9e
Static task
static1
Behavioral task
behavioral1
Sample
460336aee2aa21b6e80052989b8b9ad479018516aab907909f0330c2e314f677.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
460336aee2aa21b6e80052989b8b9ad479018516aab907909f0330c2e314f677.exe
Resource
win10v2004-20220414-en
Malware Config
Targets
-
-
Target
460336aee2aa21b6e80052989b8b9ad479018516aab907909f0330c2e314f677
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-