General
Target: 45c099937eebef47d4054c33a8a11ef3b1ed6b1c2bbca039edf53fa82199d5c4
Size: 777KB
Sample: 220707-m18lzseadp
MD5: bbfaf1e433e9a3f03acb27c00705bacf
SHA1: 4c7acdb5e92b5df7318c1fa25d18ed200c17b118
SHA256: 45c099937eebef47d4054c33a8a11ef3b1ed6b1c2bbca039edf53fa82199d5c4
SHA512: efb200ec355260e0bf8948b9433497d8db1fb694c217db368d951db51cfa94993d666323ac8cba96bed397afdc09f4069548128ade71d3ebfe6d5261eab63485
Static task: static1
Behavioral task: behavioral1
Sample: 45c099937eebef47d4054c33a8a11ef3b1ed6b1c2bbca039edf53fa82199d5c4.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 45c099937eebef47d4054c33a8a11ef3b1ed6b1c2bbca039edf53fa82199d5c4.exe
Resource: win10v2004-20220414-en
Malware Config
Targets
Target: 45c099937eebef47d4054c33a8a11ef3b1ed6b1c2bbca039edf53fa82199d5c4
Score: 10/10
Modifies WinLogon for persistence
Executes dropped EXE
Drops startup file
Loads dropped DLL
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops autorun.inf file: Malware can abuse Windows Autorun to spread further via attached volumes.
Drops file in System32 directory