General
Target: 3595580527a7739a0a96f70bd805d1e89b77c6bfd239a17b6e63ba604885dfe9
Size: 1.2MB
Sample: 221029-sysqmscec4
MD5: 7132076fe70278fbe2dda128cc366475
SHA1: 2f855ab609d76ad9a0e82b57e7989a9a1860dd77
SHA256: 3595580527a7739a0a96f70bd805d1e89b77c6bfd239a17b6e63ba604885dfe9
SHA512: 162f6eec3460c6fdcb78be5f0ca4a54e29894c1afae606e7e8e6a73e42f4a84185648ebcda8ae0ba09ede694418a44513e099c20403df0a8cb1522e780413b51
SSDEEP: 24576:Dtb20pkACqT5TBWgNQ7ar+P2ZPGhv05szsKp6A:Arg5tQ7ar+TvBf5
Static task: static1
Behavioral task: behavioral1
Sample: 3595580527a7739a0a96f70bd805d1e89b77c6bfd239a17b6e63ba604885dfe9.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 3595580527a7739a0a96f70bd805d1e89b77c6bfd239a17b6e63ba604885dfe9.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 3595580527a7739a0a96f70bd805d1e89b77c6bfd239a17b6e63ba604885dfe9
Score: 10/10
Modifies WinLogon for persistence
Executes dropped EXE
Drops desktop.ini file(s)
AutoIT Executable: AutoIT scripts compiled to PE executables.
Suspicious use of SetThreadContext