General
-
Target
c39c77b0016195a9bdc4bd077b1b125d2f60cc0016a3f84a68d6c58bf4852e06
-
Size
920KB
-
Sample
221003-vdsw1sfeeq
-
MD5
5c082fea579b6c72d426961c2342c625
-
SHA1
a6160691d1f1a8408e12c3ae6a58a702b67df05b
-
SHA256
c39c77b0016195a9bdc4bd077b1b125d2f60cc0016a3f84a68d6c58bf4852e06
-
SHA512
0eaf60ed57b0a88fc774b28a6c1bc3992c28811805f79debbafeb2abf37b07800609b344268583b73f6e8e0149d773bf8579cdf768ba091eeb864743d840b824
-
SSDEEP
6144:es0Coo08x5IFkvtcwKuHhPAznhJBy1J5CQSojuQ8SRyYnaNSOuxJ5CQSojuQ8SRW:eIXzFJHm7hD7QuJNYnncQuJrnuYnn
Static task
static1
Behavioral task
behavioral1
Sample
c39c77b0016195a9bdc4bd077b1b125d2f60cc0016a3f84a68d6c58bf4852e06.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
c39c77b0016195a9bdc4bd077b1b125d2f60cc0016a3f84a68d6c58bf4852e06.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
c39c77b0016195a9bdc4bd077b1b125d2f60cc0016a3f84a68d6c58bf4852e06
-
Size
920KB
-
MD5
5c082fea579b6c72d426961c2342c625
-
SHA1
a6160691d1f1a8408e12c3ae6a58a702b67df05b
-
SHA256
c39c77b0016195a9bdc4bd077b1b125d2f60cc0016a3f84a68d6c58bf4852e06
-
SHA512
0eaf60ed57b0a88fc774b28a6c1bc3992c28811805f79debbafeb2abf37b07800609b344268583b73f6e8e0149d773bf8579cdf768ba091eeb864743d840b824
-
SSDEEP
6144:es0Coo08x5IFkvtcwKuHhPAznhJBy1J5CQSojuQ8SRyYnaNSOuxJ5CQSojuQ8SRW:eIXzFJHm7hD7QuJNYnncQuJrnuYnn
Score10/10-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Modifies Windows Firewall
-
Loads dropped DLL
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-