General
-
Target
48e1f8993271d9a1f5b01331ba137daf7e2c00cf84772f1202c77d8d2d9f08e3
-
Size
1.2MB
-
Sample
221126-2tm42aef4s
-
MD5
33a67ab9f3cd79bb48c8e3db30728986
-
SHA1
b0154442643a0d8dafd036a501bf5e40245a0841
-
SHA256
48e1f8993271d9a1f5b01331ba137daf7e2c00cf84772f1202c77d8d2d9f08e3
-
SHA512
4c0f15131b9a5d05ded58b51fc75e1d0c2070f7b6b859b0fb84d2c5c23d8bcc257e342d8f44734004b4b48ee2be1a50f0218610ba67fdc23af2d89bc6c15fd83
-
SSDEEP
24576:A8ndVY0XKelcxVs1I5pYLqEeYmoRq1CNRa9XURbHudjrcSdg:A8nzYIOUQW2EeYBRq1Ag9XURbHuhm
Static task
static1
Behavioral task
behavioral1
Sample
48e1f8993271d9a1f5b01331ba137daf7e2c00cf84772f1202c77d8d2d9f08e3.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
48e1f8993271d9a1f5b01331ba137daf7e2c00cf84772f1202c77d8d2d9f08e3.exe
Resource
win10v2004-20221111-en
Malware Config
Targets
-
-
Target
48e1f8993271d9a1f5b01331ba137daf7e2c00cf84772f1202c77d8d2d9f08e3
-
Score
10/10
-
Modifies WinLogon for persistence
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Suspicious use of SetThreadContext
-