General
-
Target
f0d451e711a37b1bf9c113d7a6c444503f0a956ce5bd8c99dbe02309d7f37c99
-
Size
42KB
-
Sample
221129-hnt6lsfa52
-
MD5
011bb4d76bba0b8b268170c8f1067cda
-
SHA1
ac96c359c7afbb48e8437806811d6301d134d778
-
SHA256
f0d451e711a37b1bf9c113d7a6c444503f0a956ce5bd8c99dbe02309d7f37c99
-
SHA512
227c4ad35b1619246479f3d359fa03137920f3ab9b48afb82a77cda6862d41a4642f4f4c53f91add88c1abe259d4bceddc5731c15372ad1813e134f0615896ee
-
SSDEEP
768:gyz0/XBwayCUOwV3TNZHdrPeqzEWvpbPwSMX6+w6pqZxLdeVgol9D8888888888i:hzOCay4wV339rPjzbpLwRJ9pSdoI/
Behavioral task
behavioral1
Sample
f0d451e711a37b1bf9c113d7a6c444503f0a956ce5bd8c99dbe02309d7f37c99.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
f0d451e711a37b1bf9c113d7a6c444503f0a956ce5bd8c99dbe02309d7f37c99.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
f0d451e711a37b1bf9c113d7a6c444503f0a956ce5bd8c99dbe02309d7f37c99
-
Size
42KB
-
MD5
011bb4d76bba0b8b268170c8f1067cda
-
SHA1
ac96c359c7afbb48e8437806811d6301d134d778
-
SHA256
f0d451e711a37b1bf9c113d7a6c444503f0a956ce5bd8c99dbe02309d7f37c99
-
SHA512
227c4ad35b1619246479f3d359fa03137920f3ab9b48afb82a77cda6862d41a4642f4f4c53f91add88c1abe259d4bceddc5731c15372ad1813e134f0615896ee
-
SSDEEP
768:gyz0/XBwayCUOwV3TNZHdrPeqzEWvpbPwSMX6+w6pqZxLdeVgol9D8888888888i:hzOCay4wV339rPjzbpLwRJ9pSdoI/
Score10/10-
Modifies WinLogon for persistence
-
Modifies visibility of file extensions in Explorer
-
Modifies visiblity of hidden/system files in Explorer
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Loads dropped DLL
-
Drops desktop.ini file(s)
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-