General
-
Target
0da5654a008fb45bdf0aa4937e510bf2c73c9b4305b635e5ddc2694647e8a926
-
Size
127KB
-
Sample
221123-lvrwlsfg4y
-
MD5
360c9a75c63394069851498d889fb949
-
SHA1
65fbf1d955899507cb4ff58f0a6baee3cbc6a0dd
-
SHA256
0da5654a008fb45bdf0aa4937e510bf2c73c9b4305b635e5ddc2694647e8a926
-
SHA512
e81e186f34000b18c5f6ed3242819fa82b80324d9df3efedef199e98c722c35f2fe6238afb6176cd807dd96b3fcfc9ced749da7a7759f88a31e4ab55a48a0787
-
SSDEEP
3072:wwYMIuDxqGnh5WaadSiCi7JHGcaFKAS00UVd:wSIuDxtnh5LadqS00Ur
Static task
static1
Behavioral task
behavioral1
Sample
0da5654a008fb45bdf0aa4937e510bf2c73c9b4305b635e5ddc2694647e8a926.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
0da5654a008fb45bdf0aa4937e510bf2c73c9b4305b635e5ddc2694647e8a926.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
0da5654a008fb45bdf0aa4937e510bf2c73c9b4305b635e5ddc2694647e8a926
Score
10/10
-
Modifies WinLogon for persistence
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Modifies WinLogon
-
Suspicious use of SetThreadContext
-