General
-
Target
1ff8abf285a358fce6bfe237b3e9aa1fc976cc75dd8bd532c508be4c497ebbb1
-
Size
567KB
-
Sample
221107-1ata9scefr
-
MD5
0f6a0044ae459a0feeb7d5f61a211a9b
-
SHA1
7b6c1b97a47d86525e3259327023e1a424a17957
-
SHA256
1ff8abf285a358fce6bfe237b3e9aa1fc976cc75dd8bd532c508be4c497ebbb1
-
SHA512
e5c335dd0b7b00fbdcc81b374f238a2f24f16c5b8f628c0472b22274ef5f4519b14a0f533b6705cd66abed11c351478903cd1721425a50f7d09211de17305c6a
-
SSDEEP
12288:XcEV8Z4J+3C3Ojt1i0oUuYaXyRhXzOct4:/xJV+Bw0aXyjXCci
Malware Config
Targets
-
-
Target
1ff8abf285a358fce6bfe237b3e9aa1fc976cc75dd8bd532c508be4c497ebbb1
-
Size
567KB
-
MD5
0f6a0044ae459a0feeb7d5f61a211a9b
-
SHA1
7b6c1b97a47d86525e3259327023e1a424a17957
-
SHA256
1ff8abf285a358fce6bfe237b3e9aa1fc976cc75dd8bd532c508be4c497ebbb1
-
SHA512
e5c335dd0b7b00fbdcc81b374f238a2f24f16c5b8f628c0472b22274ef5f4519b14a0f533b6705cd66abed11c351478903cd1721425a50f7d09211de17305c6a
-
SSDEEP
12288:XcEV8Z4J+3C3Ojt1i0oUuYaXyRhXzOct4:/xJV+Bw0aXyjXCci
Score10/10-
Modifies WinLogon for persistence
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-