General
-
Target
d6fa27a87367e5b7b60a3d47f5f492456a118fc0896ce470293ce3d28f6ef4d4
-
Size
284KB
-
Sample
221121-td2y9agd93
-
MD5
193405676d996ea5dbb5442293f2a0d6
-
SHA1
6a38ba3d2c4356b718cae935fc97bd423a3e0d2f
-
SHA256
d6fa27a87367e5b7b60a3d47f5f492456a118fc0896ce470293ce3d28f6ef4d4
-
SHA512
33a25f42c2d028a5ce8c53537064e94d569873e65c3b4faa102eed29a0a6bea9cc0e437d7b22a333661e86028b55d9b93c00c3d24003c6615b1878d5bde320f7
-
SSDEEP
6144:auMJWY+qaHEQCcYfSBYJbQCjRcqESEgm6Anhc1kG6EmRzx:a+YcUc6SBLLTSEgBAnhc1kGsx
Malware Config
Targets
-
-
Target
d6fa27a87367e5b7b60a3d47f5f492456a118fc0896ce470293ce3d28f6ef4d4
-
Size
284KB
-
MD5
193405676d996ea5dbb5442293f2a0d6
-
SHA1
6a38ba3d2c4356b718cae935fc97bd423a3e0d2f
-
SHA256
d6fa27a87367e5b7b60a3d47f5f492456a118fc0896ce470293ce3d28f6ef4d4
-
SHA512
33a25f42c2d028a5ce8c53537064e94d569873e65c3b4faa102eed29a0a6bea9cc0e437d7b22a333661e86028b55d9b93c00c3d24003c6615b1878d5bde320f7
-
SSDEEP
6144:auMJWY+qaHEQCcYfSBYJbQCjRcqESEgm6Anhc1kG6EmRzx:a+YcUc6SBLLTSEgBAnhc1kGsx
Score10/10-
Modifies WinLogon for persistence
-
Disables RegEdit via registry modification
-
Disables Task Manager via registry modification
-
Modifies Installed Components in the registry
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-
Adds Run key to start application
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Drops file in System32 directory
-