General
-
Target
147ffef495ae38c69c45a6823e3d8c08d87289d077fbb0041f1e3ac0842a7428
-
Size
112KB
-
Sample
221125-j7g6tsdc78
-
MD5
7e1b3552952c0df1b1e7b6eac8d73b03
-
SHA1
18dd6c4f67e650e3fb5fb8179db0f4554a70e529
-
SHA256
147ffef495ae38c69c45a6823e3d8c08d87289d077fbb0041f1e3ac0842a7428
-
SHA512
6366ef5c7692bdad462689bfad5b26677b52bbb9b62b1d65b4546d9cc0700a2596ededb71a8e910c4c7b6eaa6ad957dd871b6d03cd36aa4f66dba9dc154ede77
-
SSDEEP
1536:p32jxn6koA6iHSPuCgRoD7yTgQEsoxYyJ8O6+MrPZI8VOFLCwCiLEw9m:stnJogRsyTANF6/riFLpCQZ9m
Static task
static1
Behavioral task
behavioral1
Sample
147ffef495ae38c69c45a6823e3d8c08d87289d077fbb0041f1e3ac0842a7428.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
147ffef495ae38c69c45a6823e3d8c08d87289d077fbb0041f1e3ac0842a7428.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
147ffef495ae38c69c45a6823e3d8c08d87289d077fbb0041f1e3ac0842a7428
-
Size
112KB
-
MD5
7e1b3552952c0df1b1e7b6eac8d73b03
-
SHA1
18dd6c4f67e650e3fb5fb8179db0f4554a70e529
-
SHA256
147ffef495ae38c69c45a6823e3d8c08d87289d077fbb0041f1e3ac0842a7428
-
SHA512
6366ef5c7692bdad462689bfad5b26677b52bbb9b62b1d65b4546d9cc0700a2596ededb71a8e910c4c7b6eaa6ad957dd871b6d03cd36aa4f66dba9dc154ede77
-
SSDEEP
1536:p32jxn6koA6iHSPuCgRoD7yTgQEsoxYyJ8O6+MrPZI8VOFLCwCiLEw9m:stnJogRsyTANF6/riFLpCQZ9m
Score10/10-
Modifies WinLogon for persistence
-
Adds Run key to start application
-
Drops desktop.ini file(s)
-
Modifies WinLogon
-
Suspicious use of SetThreadContext
-