General
-
Target
a5048d5a833a898146cf3e6833b36f13545418d10d0cd5d89e0bc960e224387d
-
Size
140KB
-
Sample
221125-h5tamsae94
-
MD5
503f870e2b4f7667721ec283f7f7f109
-
SHA1
4d4d21d7dcd41380ace6c5a81a9e4f8f31c35e3e
-
SHA256
a5048d5a833a898146cf3e6833b36f13545418d10d0cd5d89e0bc960e224387d
-
SHA512
68bfc2bd1f0658102b9b5f437032b2e7071a1aac105eefc0e7be9f3f7dbcc0489e20b3d19f0b441f92a318924392069eb29f42ba5502c00c7a7111d601af9366
-
SSDEEP
1536:Mm5NbGvNizYf/aFWIPNDGe8gyeKNLOrqbdJOGxUqkSZZZ3gURD8ib87Fi:v7YfIDZ8gyeKNqqbdxiUNRD5byFi
Static task
static1
Behavioral task
behavioral1
Sample
a5048d5a833a898146cf3e6833b36f13545418d10d0cd5d89e0bc960e224387d.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
a5048d5a833a898146cf3e6833b36f13545418d10d0cd5d89e0bc960e224387d.exe
Resource
win10v2004-20220901-en
Malware Config
Targets
-
-
Target
a5048d5a833a898146cf3e6833b36f13545418d10d0cd5d89e0bc960e224387d
-
Size
140KB
-
MD5
503f870e2b4f7667721ec283f7f7f109
-
SHA1
4d4d21d7dcd41380ace6c5a81a9e4f8f31c35e3e
-
SHA256
a5048d5a833a898146cf3e6833b36f13545418d10d0cd5d89e0bc960e224387d
-
SHA512
68bfc2bd1f0658102b9b5f437032b2e7071a1aac105eefc0e7be9f3f7dbcc0489e20b3d19f0b441f92a318924392069eb29f42ba5502c00c7a7111d601af9366
-
SSDEEP
1536:Mm5NbGvNizYf/aFWIPNDGe8gyeKNLOrqbdJOGxUqkSZZZ3gURD8ib87Fi:v7YfIDZ8gyeKNqqbdxiUNRD5byFi
Score10/10-
Modifies WinLogon for persistence
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Modifies WinLogon
-
Suspicious use of SetThreadContext
-