General
-
Target
45c099937eebef47d4054c33a8a11ef3b1ed6b1c2bbca039edf53fa82199d5c4
-
Size
777KB
-
Sample
220707-m18lzseadp
-
MD5
bbfaf1e433e9a3f03acb27c00705bacf
-
SHA1
4c7acdb5e92b5df7318c1fa25d18ed200c17b118
-
SHA256
45c099937eebef47d4054c33a8a11ef3b1ed6b1c2bbca039edf53fa82199d5c4
-
SHA512
efb200ec355260e0bf8948b9433497d8db1fb694c217db368d951db51cfa94993d666323ac8cba96bed397afdc09f4069548128ade71d3ebfe6d5261eab63485
Malware Config
Targets
-
-
Target
45c099937eebef47d4054c33a8a11ef3b1ed6b1c2bbca039edf53fa82199d5c4
-
Size
777KB
-
MD5
bbfaf1e433e9a3f03acb27c00705bacf
-
SHA1
4c7acdb5e92b5df7318c1fa25d18ed200c17b118
-
SHA256
45c099937eebef47d4054c33a8a11ef3b1ed6b1c2bbca039edf53fa82199d5c4
-
SHA512
efb200ec355260e0bf8948b9433497d8db1fb694c217db368d951db51cfa94993d666323ac8cba96bed397afdc09f4069548128ade71d3ebfe6d5261eab63485
Score10/10-
Modifies WinLogon for persistence
-
ASPack v2.12-2.42
Detects executables packed with ASPack v2.12-2.42
-
Executes dropped EXE
-
Drops startup file
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops autorun.inf file
Malware can abuse Windows Autorun to spread further via attached volumes.
-
Drops file in System32 directory
-