General
Target: 91363f032702b677965e2b311a26846eef3ce11273b4cfd608ba46fad003b5e3
Size: 1.1MB
Sample: 221030-a8w7psfabp
MD5: 8484484cd5f38e090bf3098d2c2ec0e3
SHA1: 36aa2b8b62440e10f00b1681652726dc5979f22e
SHA256: 91363f032702b677965e2b311a26846eef3ce11273b4cfd608ba46fad003b5e3
SHA512: 28e2c230d6d3bd6d30dc7065ecf3a13fd563c8b965d26d2fd2f2f4f44dc3d0db8f827b0c22ea82de087f46c19bb9ed709469c5dfe912d582ae2af6f1ec52f2e6
SSDEEP: 12288:zJeJfEuGstgg/kjp98zHpie5to3HvBSXyMzBUWb98E:zJeJfAqkjp98zHpieTo3PBcJ9nP
Static task: static1
Behavioral task: behavioral1
Sample: 91363f032702b677965e2b311a26846eef3ce11273b4cfd608ba46fad003b5e3.exe
Resource: win7-20220812-en
Behavioral task: behavioral2
Sample: 91363f032702b677965e2b311a26846eef3ce11273b4cfd608ba46fad003b5e3.exe
Resource: win10v2004-20220812-en
Malware Config
Targets
Target: 91363f032702b677965e2b311a26846eef3ce11273b4cfd608ba46fad003b5e3
Score: 10/10

Modifies WinLogon for persistence

Disables RegEdit via registry modification

Disables Task Manager via registry modification

Adds Run key to start application

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.

AutoIT Executable
AutoIT scripts compiled to PE executables.

Drops file in System32 directory