General
Target
92d0eafce57fdc73606c772b71a99a0c49358d5131d28c2a8af92a8822ef6483
Size
191KB
Sample
221128-xj62yach5t
MD5
67e25aa6b3a942b2f4144ce74bac4e2b
SHA1
61e00bef097560d655002ce2e86ece31ac2a9ea6
SHA256
92d0eafce57fdc73606c772b71a99a0c49358d5131d28c2a8af92a8822ef6483
SHA512
f008972bc1957bb4624bd696095aea7e5f4041fbffe6d24bee7fde6eaa1156d7f948464b195735190a928297375ea4760f382988a4d851460e850389ceba1c1b
SSDEEP
3072:ucmp+C7JOGRbQR0aTZfHsz6mZT/6xEGkuGqS8KgfAeFTcVS7dtUSTSeD:hmD7J1JQRZfw1/6ny4Kgf5FTcVQXvGe
Static task
static1
Behavioral task
behavioral1
Sample
92d0eafce57fdc73606c772b71a99a0c49358d5131d28c2a8af92a8822ef6483.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
92d0eafce57fdc73606c772b71a99a0c49358d5131d28c2a8af92a8822ef6483.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
92d0eafce57fdc73606c772b71a99a0c49358d5131d28c2a8af92a8822ef6483
Score
10/10
Modifies WinLogon for persistence
NetWire RAT payload
Drops file in Drivers directory
Uses the VBS compiler for execution
Suspicious use of SetThreadContext