General
-
Target
192d0ae5ee6bf12e534a5f4dfc7c6ff2c83f901054de34d7840ebeeb84edf8bb
-
Size
697KB
-
Sample
221028-v2lgvagggl
-
MD5
0b277481ebc727eb5044cfd99871950a
-
SHA1
c26ec9ccaa6c90429c79a14e4b173ac7b90bfba3
-
SHA256
192d0ae5ee6bf12e534a5f4dfc7c6ff2c83f901054de34d7840ebeeb84edf8bb
-
SHA512
5019040067e6d2031016fdd1b3c4d8120e0e68aad6167ea11c62b751d69fd4b0b1351f8d0d323bcb6391c1bd8e84ccce78c6c783cff29272f72d505352bb3e5f
-
SSDEEP
12288:14TEVvSY6NplRnw9cis/jW9m7d4k8Jn1ap74oRquwoVNnKpCaKlzx7HPdTmn6PE:1+E5SLHllwRsomp4lJn1274oh6Cts6PE
Malware Config
Targets
-
-
Target
192d0ae5ee6bf12e534a5f4dfc7c6ff2c83f901054de34d7840ebeeb84edf8bb
-
Size
697KB
-
MD5
0b277481ebc727eb5044cfd99871950a
-
SHA1
c26ec9ccaa6c90429c79a14e4b173ac7b90bfba3
-
SHA256
192d0ae5ee6bf12e534a5f4dfc7c6ff2c83f901054de34d7840ebeeb84edf8bb
-
SHA512
5019040067e6d2031016fdd1b3c4d8120e0e68aad6167ea11c62b751d69fd4b0b1351f8d0d323bcb6391c1bd8e84ccce78c6c783cff29272f72d505352bb3e5f
-
SSDEEP
12288:14TEVvSY6NplRnw9cis/jW9m7d4k8Jn1ap74oRquwoVNnKpCaKlzx7HPdTmn6PE:1+E5SLHllwRsomp4lJn1274oh6Cts6PE
Score10/10-
Modifies WinLogon for persistence
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-