General
-
Target
e4165fedfd7e7637cfd4adf6d21262b4184c6ade9e4ce81b5017c625cb776f06
-
Size
194KB
-
Sample
221128-xjw7qsgh55
-
MD5
fefecc54e3d22cb1e654a643ed713991
-
SHA1
07fcd3ef88b3eead94085cb633029ec1093d496f
-
SHA256
e4165fedfd7e7637cfd4adf6d21262b4184c6ade9e4ce81b5017c625cb776f06
-
SHA512
28b89fff96a25220633d31add70998be5b1eac3d61c5c72b93531209fbe0e3b85fffc9bedcb6e88e5ff0817c59fc7b9da96a1177743eadfaec40faf1bf41a2a1
-
SSDEEP
3072:maspd19Dp9mIeUk1q8Yc2iDvkN8bdU1eTZqEh9okv+4G2k/ZKLBs3:sd19F9mIeUpcrTv6E59okv+4e/x
Static task
static1
Behavioral task
behavioral1
Sample
e4165fedfd7e7637cfd4adf6d21262b4184c6ade9e4ce81b5017c625cb776f06.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
e4165fedfd7e7637cfd4adf6d21262b4184c6ade9e4ce81b5017c625cb776f06.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
Target
e4165fedfd7e7637cfd4adf6d21262b4184c6ade9e4ce81b5017c625cb776f06
-
Score
10/10
-
Modifies WinLogon for persistence
-
NetWire RAT payload
-
Drops file in Drivers directory
-
Uses the VBS compiler for execution
-
Suspicious use of SetThreadContext
-